Tuesday, June 12, 2007

PIX firewall troubleshooting commands

I am adding some commonly used PIX firewall troubleshooting commands. For those of you who does troubleshooting of the firewall, you know should familiar yourself with these commmands. Handy yet Powerful.

1. show xlate, show xlate detail - display NAT translations and its details

2. show connection, show connection detail - display connection details built in the firewall

3. show service-policy - display inspection policies

4. show local-host 192.168.1.1 - display translation, AAA, connection information

5. show asp drop - show number of packets dropped while processing the packets

6. show mem - display memory usage in the PIX

7. show cpu usage - display cpu usage over a time period

8. show traffic - display total traffic transmitted and received on each individual interfaces on the PIX

9. show block and show cpu usage can determine if the firewall is overloaded.

Of course there are many other things you would need to know like the debug commands, capture commands, show logging, show running logging, show logging setting commands. If you guys need to know more, just email me and i will guide you

1 comment:

Anonymous said...

Hi,

I am having PIX 515E Software Version 7.2(1) which reboots quite often. If I see the cpu utilization it reaches around 90%. Any idea how to troubleshoot this