Cisco ASA 5506-X Configuration Manual page 300
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
Monitoring Performance and System Resources
•
•
Example
The following example traces a TCP packet for the HTTP port from 10.100.10.10 to 10.100.11.11. The
result indicates that the packet will be dropped by the implicit deny access rule.
hostname(config)# packet-tracer input outside tcp 10.100.10.10
Phase: 1
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
found next-hop 10.86.116.1 using egress ifc
Phase: 2
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:
Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: NP Identity Ifc
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
Monitoring Performance and System Resources
You can monitor a variety of system resources to identify performance or other potential problems.
•
•
•
•
•
Cisco ASA Series Firewall CLI Configuration Guide
13-12
detailed—Provides detailed trace results information in addition to the normal output.
xml—Displays the trace results in XML format.
show perfmon
Shows current and average statistics for NAT xlates, connections, inspections, URL access and
server requests, AAA, and TCP intercept.
show memory
Shows free and used memory.
show blocks
Shows memory block information based on block size.
show cpu
Shows CPU utilization.
show process
Shows system process information. Following are some useful variants:
Chapter 13
Troubleshooting Connections and Resources
80 10.100.11.11 80
outside
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
