Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Monitoring Sessions on PIX

Hi everyone,

I just wanna know wht will be the command to monitor the sessions on

the pix.Like on Juniper Netscreen we use get session src-ip X.X.X.X to get the

session details of a particular src-ip to check on which ports it is hitting our firewall, as far as as i know sh conn

will help me in this out.Kindly clarify my doubts




Re: Monitoring Sessions on PIX

That I know of it is show conn as you said

" show conn | inc IP_address "

" show conn " will show all connections and source/destication TCP/UDP ports being hit either inbound or outbound.

Re: Monitoring Sessions on PIX


Also you can used these commands to show detail TCP/UDP connections by particular source IP.

"show local-host IP_Address "

"show local-host IP_Address detail "

New Member

Re: Monitoring Sessions on PIX

One more way

Some Gentelman shared it with me on Yahoo Group:-

To use the capture command

if for example you would like to capture http traffic from an internal proxy

server (ip passing the inside interface

Create an ACL of what you would like to capture

access-list 100 permit tcp host any eq www

then create the capture

capture "name" access-list 100 interface inside

then once traffic has been generated type sh capture "name"



New Member

Re: Monitoring Sessions on PIX


It would be work fine but it's costly in terms of PIX cpu and memory usage show it's not goood method to see session of daily traffic.....

New Member

Re: Monitoring Sessions on PIX

Hi Amit,

Yeah thats true but as ASDM has not any function which shows the sessions there itself,we have to use this to see the sessions on CLI and after that we can clear the things. Is there any other way around ??



New Member

Re: Monitoring Sessions on PIX

You can use sh conn command with detail and count and other supported command to clear ur result.let me know if you are qerying for any other thing