Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IOS equivalent to sh conn and sh xlate in PIX

Hey chaps and chapettes.

As the title states, what's the command to track connections through an IOS 12.4 Router with Zone Based Firewalling enabled?

I'm used to getting good output from sh conn and sh xlate on my ASA but I've never tried to do the same thing within IOS.

Help very much appreciated.

Regards

Paul.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: IOS equivalent to sh conn and sh xlate in PIX

Paul-

I have not had a chance to play with zone based firewalling yet, but can't wait. I'm assuming that the translations will be the same as using normal interfaces.

show xlate = show ip nat translations

show conn = show ip nat translations verbose

HTH and please rate.

3 REPLIES

Re: IOS equivalent to sh conn and sh xlate in PIX

Paul-

I have not had a chance to play with zone based firewalling yet, but can't wait. I'm assuming that the translations will be the same as using normal interfaces.

show xlate = show ip nat translations

show conn = show ip nat translations verbose

HTH and please rate.

New Member

Re: IOS equivalent to sh conn and sh xlate in PIX

Ahhhh! Magic!

Thank you very much, you're a gentleman and a scholar!

Yeah the zone based firewalling makes me feel warm and fuzzy coming from a PIX background into IOS world as it's alot more like that than classic firewalls.. Apart from the supposed performance and administrative benefits it doesn't do much else tho.. apart from WORK I guess! :O)

Thanks again buddy.

Paul.

Re: IOS equivalent to sh conn and sh xlate in PIX

We also use Netscreen firewalls which use zones,glad to see Cisco catching up. Glad the commands helped.

557
Views
0
Helpful
3
Replies
CreatePlease login to create content