Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 515 sho conn flags

Can anyone point me to a listing of the meanins of the flags I see when doing a "sho conn" command? I'm trying to track down the significance of "saA" on an outbound ftp connection that is suddenly not working.

I bought the "Cisco Secure PIX Firewalls" book from Cisco, but there's nothing in there that I can find. I would have thought there would have been a complete listing of the flags in there.

Thanks in advance.

4 REPLIES
Cisco Employee

Re: PIX 515 sho conn flags

Here is the connection flags table

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/s.htm#36790

"saA" means

s = awaiting outside SYN

a = awaiting outside ACK to SYN

A = awaiting inside ACK to SYN

HTH

R/Yusuf

New Member

Re: PIX 515 sho conn flags

Thanks!

I can't fathom why they make this so hard to find on the site...

New Member

Re: PIX 515 sho conn flags

U - up

f - inside FIN

F - outside FIN

r - inside acknowledged FIN

R - outside acknowledged FIN

s - awaiting outside SYN

S - awaiting inside SYN

M - SMTP data

H - HTTP get (not used)

- SIP connection

I - inbound data

O - outbound data

q - SQL*Net data

d - dump

P - inside back connection

E - outside back connection

G - group

a - awaiting outside ACK to SYN

A - awaiting inside ACK to SYN

B - initial SYN from outside

R - RPC

H - H.323

- SIP connection

- SIP media connection

- SIP trans connection

D - DNS

New Member

Re: PIX 515 sho conn flags

For the life of me I cannot see what precisely an "s = awaiting outside SYN" means. I would be grateful if someone has the answer.

Thanks, Timothy

228
Views
0
Helpful
4
Replies
CreatePlease login to create content