Cisco ASA Series Cli Configuration Manual page 927
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Configuring the ASA to Integrate with Cisco TrustSec
peer peer_addr
local local_addr
ipv4
ipv6
status
mode
brief
Alternatively you can use the show connection command with the security-group keyword to display
SXP connection information:
show connection [security-group [tag <sgt#> | name <sg_name>]...]
This show connection command displays data for SXP connections when you include the
security-group keyword. To display information for a specific connection, include the security-group
keyword specify an SGT value or security group name for both the source and destination of the
connection. The ASA displays the connection matching the specific SGT values or security group
names.
When you specify the security-group keyword without specifying a source and destination SGT value
or a source and destination security group name, the ASA displays data for all SXP connections.
The ASA displays the connection data in the format security_group_name (SGT_value) or just as the
SGT_value when the security group name is unknown.
Note
Security group data is not available for stub connections because stub connection do not go through the
slow path. Stub connections maintain only the information necessary to forward packets to the owner of
the connection.
You can specify a single security group name to display all connections in a cluster; for example, the
following example displays connections matching security-group mktg in all units of the cluster:
hostname# show cluster conn security-group name mktg
...
Output
This example displays a summary of the SXP connections enabled on the ASA:
hostname# show cts sxp connection brief
SXP
Highest version
Default password
Default local IP
Reconcile period
Retry open period : 10 secs
Retry open timer
Total number of SXP connections : 2
-----------------------------------------------------------------------------
Displays only connections with the matched peer IP address.
Displays only connections with the matched local IP address.
Displays only IPv4 connections.
Displays only IPv6 connections.
Displays only connections with the matched status.
Displays only connections with the matched mode.
Displays only the connection summary.
: Enabled
: 2
: Set
: Not Set
: 120 secs
: Not Running
Monitoring the ASA Integrated with Cisco TrustSec
Cisco ASA Series CLI Configuration Guide
1-23
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
