Today somebody asked on the Cisco Support Community how to track down the cause of a high number of connections on ASA/FWSM. I thought a little and wrote down this answer; I hope it will be helpful for anybody facing this issue:
TIP: If you have a Unix box, you can run show conn, export the output to a file, and copy that file to the Unix box. Then run the following there (show_conn.txt is an example name for the exported file):
cat show_conn.txt | sed -e 's/:/ /g' | awk '{print $6}' | sort | uniq -c | sort -g
The output will look like this:
7 10.96.158.1
7 10.96.177.1
7 10.96.19.1
7 10.96.198.1
7 10.97.29.1
7 10.97.58.1
7 10.97.60.1
8 10.97.30.1
8 10.97.43.1
9 10.96.117.1
9 10.96.34.1
9 10.97.10.1
10 10.96.159.1
18 212.248.105.74
26 10.96.2.34
Here the first column is the connection count and the second column is the address of the inside host. For the count per outside host, use {print $3} instead.
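The same count as a reusable function, added here as an example and not part of the original answer: it skips the "in use" summary line, strips only the trailing port, and lists the busiest hosts first. The names conn_top and sample_conn and the sample lines are constructed for illustration; the sample assumes the usual "PROTO ifname addr:port ifname addr:port, ..." layout of show conn.

```shell
#!/bin/sh
# Added example: per-host connection counts from a saved `show conn` dump.

# Constructed sample input (not captured from a real device).
sample_conn() {
    cat <<'EOF'
5 in use, 14 most used
TCP outside 203.0.113.74:80 inside 10.96.2.34:51001, idle 0:00:03, bytes 1204, flags UIO
TCP outside 203.0.113.74:80 inside 10.96.2.34:51002, idle 0:00:05, bytes 880, flags UIO
TCP outside 198.51.100.7:443 inside 10.96.2.34:51003, idle 0:00:01, bytes 5120, flags UIO
UDP outside 198.51.100.53:53 inside 10.96.159.1:40000, idle 0:00:10, bytes 64, flags -
TCP outside 198.51.100.7:443 inside 10.96.159.1:40001, idle 0:00:02, bytes 300, flags UIO
EOF
}

# conn_top FILE inside|outside [N]  ->  "count host" lines, highest count first
conn_top() {
    file=$1; side=$2; top=${3:-10}
    case $side in
        outside) col=3 ;;   # first endpoint  ({print $3} in the one-liner)
        inside)  col=5 ;;   # second endpoint ({print $6} in the one-liner)
        *) echo "side must be inside or outside" >&2; return 2 ;;
    esac
    awk -v col="$col" '
        # Keep only connection lines: both endpoints must look like addr:port.
        NF < 5 || $3 !~ /:/ || $5 !~ /:/ { next }
        {
            ep = $col
            sub(/,$/, "", ep)        # trailing comma after the port
            sub(/:[^:]*$/, "", ep)   # remove the final ":port" only
            count[ep]++
        }
        END { for (h in count) print count[h], h }
    ' "$file" | sort -k1,1nr -k2,2 | head -n "$top"
}

# Demo on the constructed sample.
tmp=$(mktemp)
sample_conn > "$tmp"
echo "Top inside hosts:";  conn_top "$tmp" inside 3
echo "Top outside hosts:"; conn_top "$tmp" outside 3
rm -f "$tmp"
```

A host that stands far above the rest in the inside list is the first place to look when the connection table fills up.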