[c-nsp] Cisco command to see active session on "cisco WS-C6503-E (R7000)"
Tassos Chatzithomaoglou
achatz at forthnetgroup.gr
Thu Dec 13 02:09:44 EST 2012
Depending on running release, you might use one or more of the following to see locally
originated/terminated ports/connections:
Show control-plane host open-ports
Show ip sockets
Show sockets
Show tcp brief
Show udp detail
--
Tassos
Randy wrote on 13/12/2012 06:09:
> People,
>
> Can we step back here and ask OP (Samol) what EXACTLY he is trying to accomplish? (I agree, OP's example of netstat didn't help!!)
>
> a) By active-sessions, does OP mean "sessions that treminate on router"??
> If above is the case:
> 1) show user
> 2) sh tcp brief
>
> ...should all help OP.
>
> b)for sessions-transiting - Meaningless-Question; unless of course there is an FWSM in which case OP needs to looks x-lates to start!
>
> Regards,
> ./Randy
>
> --- On Wed, 12/12/12, Andrew Jones <Andrew.Jones at alphawest.com.au> wrote:
>
>> From: Andrew Jones <Andrew.Jones at alphawest.com.au>
>> Subject: Re: [c-nsp] Cisco command to see active session on "cisco WS-C6503-E (R7000)"
>> To: "Samol" <molasian at gmail.com>
>> Cc: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
>> Date: Wednesday, December 12, 2012, 6:54 PM
>> No such thing, as sessions don't
>> terminate on the router, and it doesn't track state of
>> traffic like a firewall might.
>>
>> You need something like netflow to monitor and record the
>> traffic.
>>
>> Netstat works on a windows machine as the sessions are
>> terminated on that server.
>>
>> Andrew Jones
>> Alphawest | Optus Business
>>
>> From: Samol [mailto:molasian at gmail.com]
>> Sent: Thursday, 13 December 2012 1:47 PM
>> To: Andrew Jones
>> Cc: cisco-nsp at puck.nether.net
>> Subject: RE: [c-nsp] Cisco command to see active session on
>> "cisco WS-C6503-E (R7000)"
>>
>>
>> Hi Aj,
>>
>> that command can do without having to enable this. its like
>> the command uses on windows "netstat?" so that see can see
>> the active sessions which
>> are goung thru router.
>>
>> Regards,
>> Sam
>> On Dec 13, 2012 9:40 AM, "Andrew Jones" <Andrew.Jones at alphawest.com.au<mailto:Andrew.Jones at alphawest.com.au>>
>> wrote:
>> Ok, so you mean sessions going through the router?
>>
>> You need netflow enabled on the switch, then enable "ip flow
>> ingress" and "ip flow egress" on the interface you are
>> interested in, then perform a "show ip cache flow"
>>
>> It will give you this info, but alot of it uses HEX codes
>> you need to translate... (google is your friend)
>>
>> Andrew Jones
>> Alphawest | Optus Business
>>
>> From: Samol [mailto:molasian at gmail.com<mailto:molasian at gmail.com>]
>> Sent: Thursday, 13 December 2012 1:25 PM
>> To: Andrew Jones
>> Cc: cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
>> Subject: Re: [c-nsp] Cisco command to see active session on
>> "cisco WS-C6503-E (R7000)"
>>
>> Hi AJ,
>>
>> No, the output of this command shows us the
>> source/Destinaion IP address using UDP or TCP etc.
>>
>> Regards,
>> Sam
>>
>> 2012/12/13 Andrew Jones <Andrew.Jones at alphawest.com.au<mailto:Andrew.Jones at alphawest.com.au>>
>> Do you mean to see who is logged into the cli?
>>
>> Try "who"
>>
>> Andrew Jones
>>
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net<mailto:cisco-nsp-bounces at puck.nether.net>
>> [mailto:cisco-nsp-bounces at puck.nether.net<mailto:cisco-nsp-bounces at puck.nether.net>]
>> On Behalf Of Samol
>> Sent: Thursday, 13 December 2012 12:57 PM
>> To: cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
>> Subject: [c-nsp] Cisco command to see active session on
>> "cisco WS-C6503-E (R7000)"
>>
>> Hi All,
>>
>> I believe there is a command that we can use to see the
>> active sessions
>> on cisco WS-C6503-E (R7000), but somehow I can't remember
>> what the command
>> is. Pls let me know if you know this command.
>>
>> Regards,
>> Sam
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
More information about the cisco-nsp
mailing list