Cisco Support Community

clear connection on PIX 7.0

Good day!

How to clear (reset) a specified connection (defined by the pair source/port-destination/port) on PIX 7.04 if nat-control is off and xlate is not used?

Thanks!

Accepted Solutions

Re: clear connection on PIX 7.0

Perhaps you can use the shun command. This will reset the connection but will also block future connections from the source IP matching the ports and protocol specified in the shun.

"Step 1 If necessary, view information about the connection by entering the following command:

hostname# show conn

The security appliance shows information about each connection, such as the following:

TCP out 64.101.68.161:4300 in 10.86.194.60:23 idle 0:00:00 bytes 1297 flags UIO

Step 2 To shun connections from the source IP address, enter the following command:

hostname(config)# shun src_ip [dst_ip src_port dest_port [protocol]] [vlan vlan_id]

If you enter only the source IP address, then all future connections are shunned; existing connections remain active.

To drop an existing connection, as well as blocking future connections from the source IP address, enter the destination IP address, source and destination ports, and the protocol. By default, the protocol is 0 for IP.

Step 3 To remove the shun, enter the following command:

hostname(config)# no shun src_ip [vlan vlan_id] "

I hope it helps ... please rate if it does!!!
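As an added example (not part of the original post or of the quoted Cisco documentation), the Python helper below parses a `show conn` line in the format quoted in Step 1 and builds the Step 2 `shun` command plus the Step 3 `no shun` command. The function names are hypothetical, the operator must say which endpoint (`out` or `in`) is the source to block, and the protocol is passed as a lowercase keyword (`tcp` or `udp`).

```python
import ipaddress
import re

# Matches the `show conn` line format quoted in Step 1, e.g.
# "TCP out 64.101.68.161:4300 in 10.86.194.60:23 idle 0:00:00 bytes 1297 flags UIO"
CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+out\s+(?P<out_ip>[\d.]+):(?P<out_port>\d+)"
    r"\s+in\s+(?P<in_ip>[\d.]+):(?P<in_port>\d+)\s+idle\s+\S+"
    r"\s+bytes\s+\d+(?:\s+flags\s+(?P<flags>\S+))?\s*$"
)


def parse_conn(line):
    """Return the fields of one `show conn` line, or raise ValueError."""
    m = CONN_RE.match(line.strip())
    if not m:
        raise ValueError(f"not a show conn line: {line!r}")
    conn = m.groupdict()
    for side in ("out", "in"):
        # Reject malformed addresses and ports before they reach a command line.
        ipaddress.IPv4Address(conn[side + "_ip"])
        port = int(conn[side + "_port"])
        if not 0 <= port <= 65535:
            raise ValueError(f"bad port {port}")
    return conn


def shun_commands(line, shun_side):
    """Build (shun, no shun) for the endpoint on `shun_side` ('out' or 'in').

    The operator chooses which endpoint is the source to block; the other
    endpoint becomes dst_ip/dest_port, following the syntax from Step 2.
    """
    if shun_side not in ("out", "in"):
        raise ValueError("shun_side must be 'out' or 'in'")
    c = parse_conn(line)
    other = "in" if shun_side == "out" else "out"
    src_ip, dst_ip = c[shun_side + "_ip"], c[other + "_ip"]
    src_port, dst_port = c[shun_side + "_port"], c[other + "_port"]
    shun = f"shun {src_ip} {dst_ip} {src_port} {dst_port} {c['proto'].lower()}"
    return shun, f"no shun {src_ip}"


if __name__ == "__main__":
    # Sample line from Step 1; the outside host is treated as the source here.
    sample = ("TCP out 64.101.68.161:4300 in 10.86.194.60:23 "
              "idle 0:00:00 bytes 1297 flags UIO")
    for cmd in shun_commands(sample, "out"):
        print(cmd)
```

Supplying all five fields is what drops the existing connection; with the source address alone, only future connections are blocked.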

2 REPLIES

Re: clear connection on PIX 7.0

Thanks, Fernando!

It's exactly what I need.
