Cisco

I figured I’d start a cheat sheet of several of the Cisco commands I use:

ASA
Show all active VPN Sessions
show vpn-sessiondb
show vpn-sessiondb remote (IPsec connections)
show vpn-sessiondb l2l (site-to-site VPN)
show vpn-sessiondb svc (SSL VPN)

Show all active SSH sessions (hopefully you don’t have telnet enabled)
show ssh sessions

show crypto ipsec stats
show crypto ipsec sa detail
show crypto isakmp peer IP
clear crypto ipsec sa peer IP
clear crypto ipsec sa

Null route blocking on router
ip route DEST_NETWORK SUBNETMASK null 0

Stop attacks on ASA
shun SRC_IP DEST_IP SRC_PORT DEST_PORT PROTOCOL
