You said it is for the IPS module right? Do you have an IPS module
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: Thursday, June 03, 2010 9:06 AM To: [email protected] Subject: [OSL | CCIE_Security] Flags - sh conn - ASA Hi Flash card - IPS module - 25th question. There is screenshot of sh conn flags and it asks to map which is inbound and outbound. Can someone explain that screenshot. I am not able to get that king of O/P with sh conn options. This is what I get in my ASA. ciscoasa(config)# sh conn detail 1 in use, 2 most used Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN, B - initial SYN from outside, b - TCP state-bypass or nailed, C - CTIQBE media, D - DNS, d - dump, E - outside back connection, F - outside FIN, f - insi de FIN, G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data, i - incomplete, J - GTP, j - GTP data, K - GTP t3-response k - Skinny media, M - SMTP data, m - SIP media, n - GUP O - outbound data, P - inside back connection, p - Phone-proxy TFTP conne ction, q - SQL*Net data, R - outside acknowledged FIN, R - UDP SUNRPC, r - inside acknowledged FIN, S - awaiting inside SYN, s - awaiting outside SYN, T - SIP, t - SIP transient, U - up, V - VPN orphan, W - WAAS, X - inspected by service module TCP outside:10.20.30.40/23 inside:10.20.30.42/20257, flags UIO, idle 13m35s, uptime 13m42s, timeout 1h0m, bytes 158 With regards Kings No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.819 / Virus Database: 271.1.1/2914 - Release Date: 06/03/10 02:25:00
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
