As far as i know the way to view the present state table is to do a "sh conn" on your FWSM. This will show you all the current connections the FWSM is keeping track of and if TCP connections the TCP flags.
Edit - sorrydidn't answer the first bit. The state table is how a stateful firewall keeps track of connections. So a simple example would
client on inside telnets to a server on outside. FWSM records the client IP address, the client port number, the destination IP address, the destination port number (which will be 23 in this case) and the TCP flag which for the initial packet will be a SYN flag.
When the server responds the TCP flag will be a SYN/ACK and because the firewall has an entry in it's state table for the corresponding SYN it will allow it through.
Note that if a server on the outside sent a SYN/ACK packet but there was no corresponding SYN packet in it's state table it would drop the packet.
If there is a connection from inside server 10.10.10.1 to outside server 184.108.40.206 on port 23. The traffic is flowing. The flow is recorded in the state table. What will happen if another connection is opened from server 10.10.10.1 to another outside server 220.127.116.11 by telnet or ftp? Now what is recorded in the state table?
Will these two statements recorded in the state table?
10.10.10.1->18.104.22.168 on port 23
10.10.10.1->22.214.171.124 on port 23
If this happen, does this kill the flow from 10.10.10.1 to 126.96.36.199?
No it doesn't kill the flow because all the information is recorded in the state table. So in your example the destination address is different so it the 2 connections can be seen as separate int the state table.
But let's go one further
10.10.10.1 opens a telnet connection to 188.8.131.52.
10.10.10.1 open an ssh connection to 184.108.40.206.
Both these are also separate
10.10.10.1 -> 220.127.116.11 23
10.10.10.1 -> 18.104.22.168 22
And one step further
10.10.10.1 opens a telnet connection to 22.214.171.124
10.10.10.1 opens another telnet connection to 126.96.36.199
Again these are kept separate because although i haven't included them in the examples so far, the source port is also recorded so
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :