Yes, Tyson even I used the same criteria of looking into "B". But I am confused.
In each O/P, on the left side the column is "TCP Flags" and right colum is "FW flags". Not getting what the exhibit is trying to convey. Can you please explain what the exhibit is about? With regards Kings On Thu, Jun 3, 2010 at 7:39 PM, Tyson Scott <[email protected]> wrote: > I don't think it is asking to get the output looking like that it is just > giving you the relevant data. It also is not output from a single packet it > is from the entire communication not just the initial packet. 2 is A and 1 > is B right. As B is initial SYN from outside > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Managing Partner / Sr. Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* Kingsley Charles [mailto:[email protected]] > *Sent:* Thursday, June 03, 2010 9:54 AM > *To:* Tyson Scott > *Cc:* [email protected] > *Subject:* Re: [OSL | CCIE_Security] Flags - sh conn - ASA > > > > Actually, I meant the IPS section of the flash card :-) > > Attached the screenshot > > With regards > Kings > > On Thu, Jun 3, 2010 at 7:15 PM, Tyson Scott <[email protected]> wrote: > > You said it is for the IPS module right? Do you have an IPS module > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Managing Partner / Sr. Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Kingsley Charles > *Sent:* Thursday, June 03, 2010 9:06 AM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] Flags - sh conn - ASA > > > > Hi > > Flash card - IPS module - 25th question. There is screenshot of sh conn > flags and it asks to map which is inbound and outbound. > Can someone explain that screenshot. I am not able to get that king of O/P > with sh conn options. > > This is what I get in my ASA. > > ciscoasa(config)# sh conn detail > 1 in use, 2 most used > Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN, > B - initial SYN from outside, b - TCP state-bypass or nailed, C - > CTIQBE > media, > D - DNS, d - dump, E - outside back connection, F - outside FIN, f - > insi > de FIN, > G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data, > i - incomplete, J - GTP, j - GTP data, K - GTP t3-response > k - Skinny media, M - SMTP data, m - SIP media, n - GUP > O - outbound data, P - inside back connection, p - Phone-proxy TFTP > conne > ction, > q - SQL*Net data, R - outside acknowledged FIN, > R - UDP SUNRPC, r - inside acknowledged FIN, S - awaiting inside > SYN, > s - awaiting outside SYN, T - SIP, t - SIP transient, U - up, > V - VPN orphan, W - WAAS, > X - inspected by service module > TCP outside:10.20.30.40/23 inside:10.20.30.42/20257, > flags UIO, idle 13m35s, uptime 13m42s, timeout 1h0m, bytes 158 > > > > > With regards > Kings > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 9.0.819 / Virus Database: 271.1.1/2914 - Release Date: 06/03/10 > 02:25:00 > > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 9.0.819 / Virus Database: 271.1.1/2914 - Release Date: 06/03/10 > 02:25:00 >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
