02-10-2012 03:39 AM
Hi - does someone know the command to show the current countdown timers for users who have accepted SSL interception?
I know there is one as I've run it in the past, but can't for the life of me find it.
Thanks
02-16-2012 11:59 AM
I think how you worded it was a little confusing.. (title).. but I get what you are asking..
In order to find that information, perform the following 2-3 steps..
1. show session all
this will show the connections through the Firewall. Look for the ID value (first value)
ID/vsys application state type flag src[sport]/zone/proto (translated IP[port])
dst[dport]/zone (translated IP[port]
-------------------------------------------------------------------------------
4583/1 0 ACTIVE FLOW 10.5.20.110[139]/corp-trust/6 (10.5.20.110[139])
192.168.83.1[4907]/corp-untrust (192.168.83.1[4907])
16407/1 0 ACTIVE FLOW 10.16.0.200[1475]/corp-trust/6 (10.16.0.200[1475])
10.5.20.110[139]/corp-untrust (10.5.20.110[139])
119943/1 skype ACTIVE PRED 0.0.0.0[0]/corp-trust/6 (0.0.0.0[0])
75.111.30.222[443]/corp-untrust (75.111.30.222[443])
2. If you cannot find the session you are looking for, then try to filter the results..
show session all filter source 10.5.20.110
3. Then take that ID and get more info on that connection..
show session id 2
show session id 2
Session 2
c2s flow:
source: 172.17.128.101 [untrust]
dst: 224.0.0.5
proto: 89
sport: 20033
dport: 20033
state: ACTIVE
type: FLOW
src user: unknown
dst user: unknown
s2c flow:
source: 224.0.0.5 [trust]
dst: 172.17.128.101
proto: 89
sport: 20033
dport: 20033
state: ACTIVE
type: FLOW
src user: unknown
dst user: unknown
start time : Mon Feb 13 18:40:47 2012
timeout : 30 sec
time to live : 24 sec
total byte count : 2010848
layer7 packet count : 24440
vsys : vsys1
application : ospf
rule : test_any
session to be logged at end : True
session in session ager : True
session synced from HA peer : False
layer7 processing : completed
URL filtering enabled : False
session via syn-cookies : False
session terminated on host : False
session traverses tunnel : False
captive portal session : False
ingress interface : ethernet1/1
egress interface : ethernet1/2
session QoS rule : QOS-Realtime (class 4)
Hopefully this is what you were asking about.
Have a GREAT DAY!
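The three steps in the answer above, run over saved CLI output, as an added example that is not part of the original post. The function names are hypothetical, and the sample text is the output quoted in the answer, trimmed to the lines that are parsed.

```python
import re

# Sample text: rows copied from the CLI output quoted in the answer above.
SESSION_ALL = """\
4583/1 0 ACTIVE FLOW 10.5.20.110[139]/corp-trust/6 (10.5.20.110[139])
192.168.83.1[4907]/corp-untrust (192.168.83.1[4907])
16407/1 0 ACTIVE FLOW 10.16.0.200[1475]/corp-trust/6 (10.16.0.200[1475])
10.5.20.110[139]/corp-untrust (10.5.20.110[139])
119943/1 skype ACTIVE PRED 0.0.0.0[0]/corp-trust/6 (0.0.0.0[0])
75.111.30.222[443]/corp-untrust (75.111.30.222[443])
"""
SESSION_DETAIL = """\
start time : Mon Feb 13 18:40:47 2012
timeout : 30 sec
time to live : 24 sec
"""

# Row 1 of a record: ID/vsys app state type [flag] src[sport]/zone/proto
HEAD = re.compile(
    r"^(?P<id>\d+)/(?P<vsys>\d+)\s+(?P<app>\S+)\s+(?P<state>\S+)\s+(?P<type>\S+)"
    r"(?:\s+(?P<flag>\S+))?\s+(?P<src>[\d.]+)\[(?P<sport>\d+)\]"
    r"/(?P<src_zone>[^/\s]+)/(?P<proto>\d+)")
# Row 2 of a record: dst[dport]/zone
TAIL = re.compile(r"^(?P<dst>[\d.]+)\[(?P<dport>\d+)\]/(?P<dst_zone>\S+)")

def parse_session_all(text):
    """Join the two-line records of 'show session all' into dicts."""
    sessions = []
    for line in map(str.strip, text.splitlines()):
        head = HEAD.match(line)
        if head:
            sessions.append(head.groupdict())
        elif sessions and "dst" not in sessions[-1]:
            tail = TAIL.match(line)
            if tail:
                sessions[-1].update(tail.groupdict())
    return sessions

def ids_for_source(sessions, ip):
    """Same selection as 'show session all filter source <ip>'."""
    return [s["id"] for s in sessions if s["src"] == ip]

def parse_detail(text):
    """Read the 'key : value' lines of 'show session id <n>'."""
    pairs = (line.partition(" : ") for line in text.splitlines())
    return {k.strip(): v.strip() for k, sep, v in pairs if sep}

def ttl_seconds(detail):
    return int(detail["time to live"].split()[0])  # seconds until age-out
```

With the sample rows, `ids_for_source(parse_session_all(SESSION_ALL), "10.5.20.110")` selects session 4583, and `ttl_seconds(parse_detail(SESSION_DETAIL))` gives the 24 seconds remaining.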