Cisco ASA Series Command Reference
show running-config ddns -- show running-config isakmp
Downloads: This chapterpdf (PDF - 429.0KB) The complete bookPDF (PDF - 31.85MB) | The complete bookePub (ePub - 2.33MB) | The complete bookMobi (Mobi - 9.5MB) | Feedback

Table of Contents

show running-config ddns through show running-config isakmp Commands

show running-config ddns

s how running-config dhcp-client

s how running-config dhcpd

s how running-config dhcprelay

s how running-config dns

show running-config dns server-group

s how running-config domain-name

show running-config dynamic-access-policy-record

s how running-config dynamic-filter

s how running-config enable

s how running-config established

s how running-config failover

s how running-config filter

s how running-config fips

show running-config flow-export

s how running-config fragment

s how running-config ftp mode

s how running-config global

s how running-config group-delimiter

s how running-config group-policy

show running-config hpm

s how running-config http

s how running-config icmp

s how running-config imap4s

s how running-config interface

show running-config interface bvi

s how running-config ip address

s how running-config ip audit attack

s how running-config ip audit info

s how running-config ip audit interface

s how running-config ip audit name

s how running-config ip audit signature

s how running-config ip local pool

s how running-config ip verify reverse-path

s how running-config ipv6

s how running-config ipv6 router

s how running-config isakmp

show running-config ddns through show running-config isakmp Commands

show running-config ddns

To display the DDNS update methods of the running configuration, use the show running-config ddns command in privileged EXEC mode.

show running-config [ all ] ddns [ update ]

 
Syntax Description

all

(Optional) Shows the running configuration, including default configuration values.

update

(Optional) Specifies that DDNS update method information be displayed.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.2(1)

This command was introduced.

Examples

The following example displays the DDNS methods in the running configuration with test in the name:

ciscoasa# show running-config all ddns | grep test
ddns update method test

 

 
Related Commands

Command
Description

ddns (DDNS-update-

method mode)

Specifies a DDNS update method type for a created DDNS method.

ddns update (interface config mode)

Associates an ASA interface with a DDNS update method or a DDNS update hostname.

ddns update method (global config mode)

Creates a method for dynamically updating DNS resource records.

show ddns update interface

Displays the interfaces associated with each configured DDNS method.

show ddns update method

Displays the type and interval for each configured DDNS method. a DHCP server to perform DDNS updates.

show running-config dhcp-client

To display the DHCP client update parameters in the running configuration, use the show running-config dhcp-client command in privileged EXEC mode.

show running-config [ all ] dhcp-client

 
Syntax Description

all

(Optional) Shows the running configuration including default configuration values.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.2(1)

This command was introduced.

Examples

The following example displays DHCP client update parameters in the running configuration that specify updates for both A and PTR records:

ciscoasa# show running-config all dhcp-client | grep both
dhcp-client update dns server both

 

 
Related Commands

Command
Description

dhcp-client update dns

Configures the update parameters that the DHCP client passes to the DHCP server.

dhcpd update dns

Enables a DHCP server to perform DDNS updates.

clear configure dhcp-client

Clears the DHCP client configuration.

show running-config dhcpd

To show the DHCP configuration, use the show running-config dhcpd command in privileged EXEC or global configuration mode.

show running-config dhcpd

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  
  •  

 
Command History

Release
Modification

7.0(1)

This command was changed from the show dhcpd command to the show running-config dhcpd command.

 
Usage Guidelines

The show running-config dhcpd command displays the DHCP commands entered in the running configuration. To see DHCP binding, state, and statistical information, use the show dhcpd command.

Examples

The following is sample output from the show running-config dhcpd command:

ciscoasa# show running-config dhcpd
 
dhcpd address 10.0.1.100-10.0.1.108 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd dns 209.165.201.2 209.165.202.129
dhcpd enable inside
 

 
Related Commands

Command
Description

clear configure dhcpd

Removes all DHCP server settings.

debug dhcpd

Displays debug information for the DHCP server.

show dhcpd

Displays DHCP binding, statistic, or state information.

show running-config dhcprelay

To view the current DHCP relay agent configuration, use the show running-config dhcprelay command in privileged EXEC mode.

show running-config dhcprelay [ global | interface [ ifc ]]

 
Syntax Description

global

Shows the global DHCP relay agent configuration.

ifc

Shows the DHCP relay agent configuration on a specified interface.

interface

Shows all of the DHCP relay agent configurations on all interfaces.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

9.1.(2)

The global , interface , and ifc options were added.

 
Usage Guidelines

The show running-config dhcprelay command displays the current DHCP relay agent configuration. To show DHCP relay agent packet statistics, use the show dhcprelay statistics command.

The vlan option for Catalyst 6500 VLANs is available when you show the DHCP relay configuration on a per-interface basis. You can show the DHCP relay configuration on a per-interface basis by including the interface name ( ifc option).

Examples

The following is sample output from the show running-config dhcprelay command:

ciscoasa(config)# show running-config dhcprelay
 
dhcprelay server 10.1.1.1
dhcprelay enable inside
dhcprelay timeout 90
 

The following is sample output from the show running-config dhcprelay global command:

ciscoasa(config)# show running-config dhcprelay global
dhcprelay enable vlan391
dhcp timeout 60
dhcprelay information trust-all
 

The following is sample output from the show running-config dhcprelay interface command:

ciscoasa(config)# show running-config dhcprelay interface
 
interface vlan391
nameif vlan391
dhcprelay server 198.16.48.1
 
interface vlan392
nameif vlan392
dhcprelay information trusted
 
interface vlan393
nameif vlan393
dhcprelay serv er 198.16.52.3
 

The following is sample output from the show running-config dhcprelay interface ifc command:

ciscoasa(config)# show running-config dhcprelay interface vlan392
 
interface vlan392
nameif vlan392
dhcprelay information trusted
 

 
Related Commands

Command
Description

clear configure dhcprelay

Removes all DHCP relay agent settings.

clear dhcprelay statistics

Clears the DHCP relay agent statistic counters.

debug dhcprelay

Displays debugging information for the DHCP relay agent.

show dhcprelay statistics

Displays DHCP relay agent statistics.

show running-config dns

To show the DNS configuration in the running configuration, use the show running-config dns command in privileged EXEC mode.

show running-config dns

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was introduced.

Examples

The following is sample output from the show running-config dns command:

ciscoasa# show running-config dns
dns domain-lookup inside
dns name-server
dns retries 2
dns timeout 15
dns name-server 10.1.1.1
 

 
Related Commands

Command
Description

dns domain-lookup

Enables the ASA to perform a name lookup.

dns name-server

Configures a DNS server address.

dns retries

Specifies the number of times to retry the list of DNS servers when the ASA does not receive a response.

dns timeout

Specifies the amount of time to wait before trying the next DNS server.

show dns-hosts

Shows the DNS cache.

show running-config dns server-group

To show the DNS configuration in the running configuration, use the show running-config dns command in privileged EXEC mode.

show [ all ] running-config dns server-group [ name ]

 
Syntax Description

all

Displays the default and explicitly configured configuration information for one or all dns-server-groups.

name

Specifies the name of the dns server group for which you want to show the configuration information.

 
Defaults

If you omit the DNS server group name, this command displays all the existing DNS server group configurations.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.1 (1)

This command was introduced.

Examples

The following is sample output from the show running-config dns server-group command:

ciscoasa# show running-config dns server-group
dns domain-lookup inside
dns server-group DefaultDNS
name-server 90.1.1.22
domain-name frqa.cisco.com
dns server-group writers1
retries 10
timeout 3
name-server 10.86.194.61
domain-name doc-group
ciscoasa#

 
Related Commands

Command
Description

clear configure dns

Removes all DNS commands.

dns server-group

Enters DNS server group mode, in which you can configure a DNS server group.

show running-config domain-name

To show the domain name configuration in the running configuration, use the show running-config domain-name command in privileged EXEC mode.

show running-config domain-name

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from show domain-name .

Examples

The following is sample output from the show running-config domain-name command:

ciscoasa# show running-config domain-name
example.com
 

 
Related Commands

Command
Description

domain-name

Sets the default domain name.

hostname

Sets the ASA hostname.

show running-config dynamic-access-policy-record

To display the running configuration for all DAP records, or for the named DAP record, use the show running-config dynamic-access-policy-record command in privileged EXEC mode.

show running-config dynamic-access-policy-record [ name ]

 
Syntax DescriptionE

name

Specifies the name of the DAP record. The name can be up to 64 characters long and cannot contain spaces.

 
Defaults

All attributes display.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC mode

  •  
  •  
  •  

 
Command History

Release
Modification

8.0(2)

This command was introduced.

Examples

This example shows the use of the show running-config dynamic-access-policy-record command to display statistics for the DAP record named Finance:

ciscoasa(config)#show running-config dynamic-access-policy-record Finance
dynamic-access-policy-record Finance
description value “Finance users from trusted device”
network-acl FinanceFirewallAcl
user-message “Limit access to the Finance network”
priority 2
webvpn
appl-acl FinanceWebvpnAcl
url-list value FinanceLinks,StockLinks
port-forward enable FinanceApps
file-browsing enable
file-entry enableciscoasa#
 

 
Related Commands

Command
Description

clear config dynamic-access-policy-record [ name ]

Removes all DAP records or the named DAP record.

dynamic-access-policy-record

Creates a DAP record.

show running-config dynamic-filter

To show the Botnet Traffic Filter configuration, use the show running-config dynamic-filter command in privileged EXEC mode.

show running-config [ all ] dynamic-filter

 
Syntax Description

all

(Optional) Shows the running configuration, including default configuration values.

 
Command Default

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

8.2(1)

This command was introduced.

Examples

The following is sample output from the show running-config dynamic-filter command:

ciscoasa# show running-config dynamic-filter
 
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable interface outside
dynamic-filter enable interface inside classify-list test_l4tm
dynamic-filter enable interface publicl4tm
dynamic-filter enable interface publictftp
dynamic-filter enable interface mgmt
dynamic-filter whitelist
name www.example.com
dynamic-filter blacklist
name cisco.invalid
 

 
Related Commands

Command
Description

address

Adds an IP address to the blacklist or whitelist.

clear configure dynamic-filter

Clears the running Botnet Traffic Filter configuration.

clear dynamic-filter dns-snoop

Clears Botnet Traffic Filter DNS snooping data.

clear dynamic-filter reports

Clears Botnet Traffic filter report data.

clear dynamic-filter statistics

Clears Botnet Traffic filter statistics.

dns domain-lookup

Enables the ASA to send DNS requests to a DNS server to perform a name lookup for supported commands.

dns server-group

Identifies a DNS server for the ASA.

dynamic-filter ambiguous-is-black

Treats greylisted traffic as blacklisted traffic for action purposes.

dynamic-filter blacklist

Edits the Botnet Traffic Filter blacklist.

dynamic-filter database fetch

Manually retrieves the Botnet Traffic Filter dynamic database.

dynamic-filter database find

Searches the dynamic database for a domain name or IP address.

dynamic-filter database purge

Manually deletes the Botnet Traffic Filter dynamic database.

dynamic-filter drop blacklist

Automatically drops blacklisted traffic.

dynamic-filter enable

Enables the Botnet Traffic Filter for a class of traffic or for all traffic if you do not specify an access list.

dynamic-filter updater-client enable

Enables downloading of the dynamic database.

dynamic-filter use-database

Enables use of the dynamic database.

dynamic-filter whitelist

Edits the Botnet Traffic Filter whitelist.

inspect dns dynamic-filter-snoop

Enables DNS inspection with Botnet Traffic Filter snooping.

name

Adds a name to the blacklist or whitelist.

show asp table dynamic-filter

Shows the Botnet Traffic Filter rules that are installed in the accelerated security path.

show dynamic-filter data

Shows information about the dynamic database, including when the dynamic database was last downloaded, the version of the database, how many entries the database contains, and 10 sample entries.

show dynamic-filter dns-snoop

Shows the Botnet Traffic Filter DNS snooping summary, or with the detail keyword, the actual IP addresses and names.

show dynamic-filter reports

Generates reports of the top 10 botnet sites, ports, and infected hosts.

show dynamic-filter statistics

Shows how many connections were monitored with the Botnet Traffic Filter, and how many of those connections match the whitelist, blacklist, and greylist.

show dynamic-filter updater-client

Shows information about the updater server, including the server IP address, the next time the ASA will connect with the server, and the database version last installed.

show running-config enable

To show the encrypted enable passwords, use the show running-config enable command in privileged EXEC mode.

show running-config enable

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from the show enable command.

 
Usage Guidelines

The password is saved to the configuration in encrypted form, so you cannot view the original password after you enter it. The password displays with the encrypted keyword to indicate that the password is encrypted.

Examples

The following is sample output from the show running-config enable command:

ciscoasa# show running-config enable
enable password 2AfK9Kjr3BE2/J2r level 10 encrypted
enable password 8Ry2YjIyt7RRXU24 encrypted

 
Related Commands

Command
Description

disable

Exits privileged EXEC mode.

enable

Enters privileged EXEC mode.

enable password

Sets the enable password.

show running-config established

To display the allowed inbound connections that are based on established connections, use the show running-config established command in privileged EXEC mode.

show running-config established

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  
  •  

 
Command History

Release
Modification

7.0(1)

The keyword running-config was added.

 
Usage Guidelines

This command has no usage guidelines.

Examples

This example shows how to display inbound connections that are based on established connections:

ciscoasa# show running-config established

 
Related Commands

Command
Description

established

Permits return connections on ports that are based on an established connection.

clear configure established

Removes all established commands.

show running-config failover

To display the failover commands in the configuration, use the show running-config failover command in privileged EXEC mode.

show running-config [ all ] failover

 
Syntax Description

all

(Optional) Shows all failover commands, including the commands you have not changed from the default.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Usage Guidelines

The show running-config failover command displays the failover commands in the running configuration. It does not display the monitor-interface or join-failover-group commands.

Examples

The following example shows the default failover configuration before failover has been configured:

ciscoasa# show running-config all failover
no failover
failover lan unit secondary
failover polltime unit 15 holdtime 45
failover polltime interface 15
failover interface policy 1
 

 
Related Commands

Command
Description

show failover

Displays failover state and statistics.

show running-config filter

To show the filtering configuration, use the show running-config filter command in privileged EXEC mode.

show running-config filter

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  
  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Usage Guidelines

The show running-config filter command displays the filtering configuration for the ASA.

Examples

The following is sample output from the show running-config filter command, and shows the filtering configuration for the ASA:

ciscoasa# show running-config filter
!
filter activex 80 10.86.194.170 255.255.255.255 10.1.1.0 255.255.255.224
!

This example shows ActiveX filtering is enabled on port80 for the address 10.86.194.170.

 
Related Commands

Commands
Description

filter activex

Removes ActiveX objects from HTTP traffic passing through the ASA.

filter ftp

Identifies the FTP traffic to be filtered by a URL filtering server.

filter https

Identifies the HTTPS traffic to be filtered by a Websense server.

filter java

Removes Java applets from HTTP traffic passing through the ASA.

filter url

Directs traffic to a URL filtering server.

show running-config fips

To display the FIPS configuration that is running on the security appliance, use the show running-config fips command.

show running-config fips

 
Syntax Description

fips

Shows FIPS-2 compliance information

 
Defaults

This command has no default settings.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration

  •  

 
Command History

Release
Modification

7.0(4)

This command was introduced.

 
Usage Guidelines

The show running-config fips command allows you to display the current running fips configuration. You use the running-config keyword only in the show running-config fips command. You cannot use this keyword with no or clear, or as a standalone command as it is not supported. When you enter the ?, no ?, or clear ? keywords, a running-config keyword is not listed in the command list.

Examples

ciscoasa(config)# show running-config fips
 

 
Related Commands

Command
Description

clear configure fips

Clears the system or module FIPS configuration information stored in NVRAM.

crashinfo console disable

Disables the reading, writing and configuration of crash write info to flash.

fips enable

Enables or disablea policy-checking to enforce FIPS compliance on the system or module.

show crashinfo console

Reads, writes, and configures crash write to flash.

show running-config flow-export

To display the configured NetFlow commands, use the show running-config flow-export command in privileged EXEC mode.

show running-config flow-export [ active | delay | destination | template ]

 
Syntax Description

active

Shows the flow-export active configuration.

delay

Shows the flow-export delay configuration.

destination

Shows the flow-export destination configuration.

template

Shows the flow-export template configuration.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  
  •  

 
Command History

Release
Modification

8.1(2)

This command was introduced.

8.4(5)

The active keyword was added.

 
Usage Guidelines

The additional keywords are provided to filter the commands that are to be displayed.

Examples

The following is sample output from the show running-config flow-export active command:

ciscoasa# show running-config flow-export active
flow-export active refresh-interval 2
 

The following is sample output from the show running-config flow-export delay command:

hostname(config)# show running-config flow-export delay
flow-export delay flow-create 30
 

The following is sample output from the show running-config flow-export destination command:

hostname(config)# show running-config flow-export destination
flow-export destination inside 192.68.10.70 9996
 

The following is sample output from the show running-config flow-export template command:

hostname(config)# show running-config flow-export template
flow-export template timeout-rate 1
 

 
Related Commands

Command
Description

clear configure flow-export

Removes all the NetFlow flow-export configurations.

flow-export active refresh-interval

Changes the time interval at which periodic flow-update events are sent to the NetFlow collector.

flow-export delay flow-create

Delays export of the flow-create event.

flow-export destination

Configures a collector to which NetFlow packets are sent.

flow-export template timeout-rate

Controls the interval at which the template information is sent to NetFlow collectors.

show running-config fragment

To display the current configuration of the fragment databases, use the show running-config fragment command in privileged EXEC mode.

show running-config fragment [ interface ]

 
Syntax Description

interface

(Optional) Specifies the ASA interface.

 
Defaults

If an interface is not specified, the command applies to all interfaces.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  
  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Usage Guidelines

The show running-config fragment command displays the current configuration of the fragment databases. If you specify an interface name, only information for the database residing at the specified interface displays. If you do not specify an interface name, the command applies to all interfaces.

Use the show running-config fragment command to display this information:

  • Size—Maximum number of packets set by the size keyword. This value is the maximum number of fragments that are allowed on the interface.
  • Chain—Maximum number of fragments for a single packet set by the chain keyword.
  • Timeout—Maximum number of seconds set by the timeout keyword. This is the maximum number of seconds to wait for an entire fragmented packet to arrive. The timer starts after the first fragment of a packet arrives. If all fragments of the packet do not arrive by the number of seconds specified, all fragments of the packet that were already received will be discarded.

Examples

The following example shows how to display the states of the fragment databases on all interfaces:

ciscoasa# show running-config fragment
fragment size 200 inside
fragment chain 24 inside
fragment timeout 5 inside
fragment size 200 outside1
fragment chain 24 outside1
fragment timeout 5 outside1
fragment size 200 outside2
fragment chain 24 outside2
fragment timeout 5 outside2
fragment size 200 outside3
fragment chain 24 outside3
fragment timeout 5 outside3
 

The following example shows how to display the states of the fragment databases on interfaces that start with the name “outside”:


Note In this example, the interfaces named “outside1”, “outside2”, and “outside3” display.


ciscoasa# show running-config fragment outside
fragment size 200 outside1
fragment chain 24 outside1
fragment timeout 5 outside1
fragment size 200 outside2
fragment chain 24 outside2
fragment timeout 5 outside2
fragment size 200 outside3
fragment chain 24 outside3
fragment timeout 5 outside3
 

The following example shows how to display the states of the fragment databases on the interfaces named “outside1” only:

ciscoasa# show running-config fragment outside1
fragment size 200 outside1
fragment chain 24 outside1
fragment timeout 5 outside1
 

 
Related Commands

Command
Description

clear configure fragment

Resets all the IP fragment reassembly configurations to defaults.

clear fragment

Clears the operational data of the IP fragment reassembly module.

fragment

Provides additional management of packet fragmentation and improves compatibility with NFS.

show fragment

Displays the operational data of the IP fragment reassembly module.

show running-config ftp mode

To show the client mode configured for FTP, use the show running-config ftp mode command in privileged EXEC mode.

show running-config ftp mode

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  
  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Usage Guidelines

The show running-config ftp mode command displays the client mode that is used by the ASA when accessing an FTP server.

Examples

The following is sample output from the show running-config ftp-mode command:

ciscoasa# show running-config ftp-mode
!
ftp-mode passive
!

 
Related Commands

Commands
Description

copy

Uploads or downloads image files or configuration files to or from an FTP server.

debug ftp client

Displays detailed information about FTP client activity.

ftp mode passive

Sets the FTP client mode used by the ASA when accessing an FTP server.

show running-config global

To display the global commands in the configuration, use the show running-config global command in privileged EXEC mode.

show running-config global

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  

  •  
  •  

 
Command History

Release
Modification

7.0(1)

Added keyword running-config .

Examples

The following is sample output from the show running-config global command:

ciscoasa# show running-config global
global (outside1) 10 interface
 

 
Related Commands

Command
Description

clear configure global

Removes global commands from the configuration.

global

Creates entries from a pool of global addresses.

show running-config group-delimiter

To display the current delimiter to be used when parsing group names from the user names that are received when tunnels are being negotiated, use the show running-config group-delimiter command in global configuration mode or in tunnel-group ipsec-attributes configuration mode.

show running-config group-delimiter

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration

  •  
  •  

  •  

Tunnel-group ipsec-attributes configuration

  •  

  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

7.1(1)

Added tunnel-group ipsec-attributes configuration mode.

 
Usage Guidelines

Use this command to display the currently configured group-delimiter.

Examples

This example shows a show running-config group-delimiter command and its output:

ciscoasa(config)# show running-config group-delimiter
group-delimiter @
 

 
Related Commands

Command
Description

group-delimiter

Enables group-name parsing and specifies the delimiter to be used when parsing group names from the user names that are received when tunnels are being negotiated.

s how running-config group-policy

To display the running configuration for a particular group policy, use the show running-config group-policy command in privileged EXEC mode and append the name of the group policy. To display the running configuration for all group policies, use this command without naming a specific group policy. To have either display include the default configuration, use the all keyword.

show running-config [all] group-policy [ name ]

 
Syntax Description

all

(Optional) Displays the running configuration including default values.

name

(Optional) Specifies the name of the group policy.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  

  •  

Global configuration

  •  

  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

Examples

The following example shows how to display the running configuration, including default values, for the group policy named FirstGroup:

hostname# show running-config all group-policy FirstGroup
 

 
Related Commands

Command
Description

group-policy

Creates, edits, or removes a group policy.

group-policy attributes

Enters group-policy attributes mode, which lets you configure AVPs for a specified group policy.

clear config group-policy

Removes the configuration for a particular group policy or for all group policies.

show running-config hpm

To display the hpm configuration, use the show running-config hpm command in privileged EXEC mode.

show running-config [all] hpm

 
Syntax Description

all

(Optional) Shows all commands, including the commands you have not changed from the default.

 
Command Default

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

8.3(1)

This command was introduced.

Examples

The following is sample output from the show running-config hpm command:

ciscoasa# show running-config hpm
hpm topn enable

 
Related Commands

Command
Description

clear configure hpm

Clears the hpm configuration.

hpm topn enable

Enables top hosts reporting in ASDM.

show running-config http

To display the current set of configured http commands, use the show running-config http command in privileged EXEC mode.

show running-config http

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  

  •  

Global configuration

  •  

  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

Examples

The following sample output shows how to use the show running-config http command:

ciscoasa# show running-config http
http server enabled
0.0.0.0 0.0.0.0 inside
 

 
Related Commands

Command
Description

clear http

Remove the HTTP configuration: disable the HTTP server and remove hosts that can access the HTTP server.

http

Specifies hosts that can access the HTTP server by IP address and subnet mask. Specifies the ASA interface through which the host accesses the HTTP server.

http authentication-certificate

Requires authentication via certificate from users who are establishing HTTPS connections to the ASA.

http redirect

Specifies that the ASA redirect HTTP connections to HTTPS.

http server enable

Enables the HTTP server.

show running-config icmp

To show the access rules configured for ICMP traffic, use the show running-config icmp command in privileged EXEC mode.

show running-config icmp map_name

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  
  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Usage Guidelines

The show running-config icmp command displays the access rules configured for ICMP traffic.

Examples

The following is sample output from the show running-config icmp command:

ciscoasa# show running-config icmp
!
icmp permit host 172.16.2.15 echo-reply outside
icmp permit 172.22.1.0 255.255.0.0 echo-reply outside
icmp permit any unreachable outside
!

 
Related Commands

Commands
Description

clear configure icmp

Clears the ICMP configuration.

debug icmp

Enables the display of debug information for ICMP.

show icmp

Displays ICMP configuration.

timeout icmp

Configures the idle timeout for ICMP.

show running-config imap4s

To display the running configuration for IMAP4S, use the s how running-config imap4s command in privileged EXEC mode.

show running-config [ all ] imap4s

 
Syntax Description

all

(Optional) Displays the running configuration including default values.

 
Defaults

No default behavior or values.

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  

  •  

Global configuration

Webvpn

Examples

The following is sample output from the show running-config imap4s command:

ciscoasa# show running-config imap4s
 
imap4s
server 10.160.105.2
authentication-server-group KerbSvr
authentication aaa
 
ciscoasa# show running-config all imap4s
 
imap4s
port 993
server 10.160.105.2
outstanding 20
name-separator :
server-separator @
authentication-server-group KerbSvr
no authorization-server-group
no accounting-server-group
no default-group-policy
authentication aaa
 

 
Related Commands

Command
Description

clear configure imap4s

Removes the IMAP4S configuration.

imap4s

Creates or edits an IMAP4S e-mail proxy configuration.

show running-config interface

To show the interface configuration in the running configuration, use the s how running-config interface command in privileged EXEC mode.

show running-config [ all ] interface [ physical_interface [ . subinterface ] | mapped_name | interface_name ]

 
Syntax Description

all

(Optional) Shows all interface commands, including the commands you have not changed from the default.

interface_name

(Optional) Identifies the interface name set with the nameif command.

mapped_name

(Optional) In multiple context mode, identifies the mapped name if it was assigned using the allocate-interface command.

physical_interface

(Optional) Identifies the interface ID, such as gigabit ethernet0/1 . See the interface command for accepted values.

subinterface

(Optional) Identifies an integer between 1 and 4294967293 designating a logical subinterface.

 
Defaults

If you do not specify an interface, this command shows the configuration for all interfaces.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Usage Guidelines

You cannot use the interface name in the system execution space, because the nameif command is only available within a context. Similarly, if you mapped the interface ID to a mapped name using the allocate-interface command, you can only use the mapped name in a context.

Examples

The following is sample output from the show running-config interface command. The following example shows the running configuration for all interfaces. The GigabitEthernet0/2 and 0/3 interfaces have not been configured yet, and show the default configuration. The Management0/0 interface also shows the default settings.

ciscoasa# show running-config interface
!
interface GigabitEthernet0/0
no shutdown
nameif inside
security-level 100
ip address 10.86.194.60 255.255.254.0
webvpn enable
!
interface GigabitEthernet0/1
no shutdown
nameif test
security-level 0
ip address 10.10.4.200 255.255.0.0
!
interface GigabitEthernet0/1.1
vlan 101
no shutdown
nameif dmz
security-level 50
ip address 10.50.1.1 255.255.255.0
mac-address 000C.F142.4CDE standby 020C.F142.4CDE
!
interface GigabitEthernet0/2
shutdown
no nameif
security-level 0
no ip address
!
interface GigabitEthernet0/3
shutdown
no nameif
security-level 0
no ip address
!
interface Management0/0
shutdown
no nameif
security-level 0
no ip address
 

 
Related CommandsInterface Security-profile1 "profile1-ifc", is up, line protocol is up

 
Related Commands Security-profile profile1, ID 142

 
Related Commands Service-interface is inside

 
Related Commands Traffic Statistics for "profile1-ifc":

 
Related Commands 6 packets input, 168 bytes

 
Related Commands 0 packets output, 0 bytes

 
Related Commands 2 packets dropped

 
Related Commands 1 minute input rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 1 minute output rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 1 minute drop rate, 0 pkts/sec

 
Related Commands 5 minute input rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 5 minute output rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 5 minute drop rate, 0 pkts/sec

 
Related CommandsInterface Security-profile1 "profile1-ifc", is up, line protocol is up

 
Related Commands Security-profile profile1, ID 142

 
Related Commands Service-interface is inside

 
Related Commands Traffic Statistics for "profile1-ifc":

 
Related Commands 6 packets input, 168 bytes

 
Related Commands 0 packets output, 0 bytes

 
Related Commands 2 packets dropped

 
Related Commands 1 minute input rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 1 minute output rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 1 minute drop rate, 0 pkts/sec

 
Related Commands 5 minute input rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 5 minute output rate 0 pkts/sec, 0 bytes/sec

 
Related Commands 5 minute drop rate, 0 pkts/sec

 
Related Commands

Command
Description

allocate-interface

Assigns interfaces and subinterfaces to a security context.

clear configure interface

Clears the interface configuration.

interface

Configures an interface and enters interface configuration mode.

nameif

Sets the interface name.

show interface

Displays the runtime status and statistics of interfaces.

show running-config interface bvi

To view the bridge virtual interface configuration in the running configuration, use the show running-config interface bvi command in privileged EXEC mode.

show running-config [ all ] interface bvi bridge_group_number

 
Syntax Description

all

(Optional) Shows all commands, including the commands you have not changed from the default.

bridge_group_number

Specifies the bridge group number as an integer between 1 and 100.

 
Command Default

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

8.4(1)

We introduced this command.

Examples

The following is sample output from the show running-config interface bvi command:

hostname# show running-config interface bvi 1
 
interface BVI1
 

 
Related Commands

Command
Description

bridge-group

Groups transparent firewall interfaces into a bridge group.

clear configure interface bvi

Clears the bridge group interface configuration.

interface

Configures an interface.

interface bvi

Creates a bridge virtual interface.

ip address

Sets the management IP address for a bridge group.

show bridge-group

Shows bridge group information, including member interfaces and IP addresses.

show running-config ip address

To show the IP address configuration in the running configuration, use the s how running-config ip address command in privileged EXEC mode.

show running-config ip address [ physical_interface [ . subinterface ] | mapped_name | interface_name ]

 
Syntax Description

interface_name

(Optional) Identifies the interface name set with the nameif command.

mapped_name

(Optional) In multiple context mode, identifies the mapped name if it was assigned using the allocate-interface command.

physical_interface

(Optional) Identifies the interface ID, such as gigabit ethernet0/1 . See the interface command for accepted values.

subinterface

(Optional) Identifies an integer between 1 and 4294967293 designating a logical subinterface.

 
Defaults

If you do not specify an interface, this command shows the IP address configuration for all interfaces.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was introduced.

 
Usage Guidelines

In multiple context mode, if you mapped the interface ID in the allocate-interface command, you can only specify the mapped name or the interface name in a context.

In transparent firewall mode, do not specify an interface because this command shows only the management IP address; the transparent firewall does not have IP addresses associated with interfaces.

This display also shows the nameif command and security-level command configuration.

Examples

The following is sample output from the show running-config ip address command:

ciscoasa# show running-config ip address
!
interface GigabitEthernet0/0
nameif inside
security-level 100
ip address 10.86.194.60 255.255.254.0
!
interface GigabitEthernet0/1
nameif test
security-level 0
ip address 10.10.4.200 255.255.0.0
!
 

 
Related Commands

Command
Description

clear configure interface

Clears the interface configuration.

interface

Configures an interface and enters interface configuration mode.

ip address

Sets the IP address for the interface or sets the management IP address for a transparent firewall.

nameif

Sets the interface name.

security-level

Sets the security level for the interface.

show running-config ip audit attack

To show the ip audit attack configuration in the running configuration, use the show running-config ip audit attack command in privileged EXEC mode.

show running-config ip audit attack

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from show ip audit attack .

Examples

The following is sample output from the show running-config ip audit attack command:

ciscoasa# show running-config ip audit attack
ip audit attack action drop
 

 
Related Commands

Command
Description

ip audit attack

Sets the default actions for packets that match an attack signature.

ip audit info

Sets the default actions for packets that match an informational signature.

ip audit interface

Assigns an audit policy to an interface.

ip audit name

Creates a named audit policy that identifies the actions to take when a packet matches an attack signature or an informational signature.

ip audit signature

Disables a signature.

show running-config ip audit info

To show the ip audit info configuration in the running configuration, use the show running-config ip audit info command in privileged EXEC mode.

show running-config ip audit info

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from show ip audit info .

Examples

The following is sample output from the show running-config ip audit info command:

ciscoasa# show running-config ip audit info
ip audit info action drop
 

 
Related Commands

Command
Description

ip audit attack

Sets the default actions for packets that match an attack signature.

ip audit info

Sets the default actions for packets that match an informational signature.

ip audit interface

Assigns an audit policy to an interface.

ip audit name

Creates a named audit policy that identifies the actions to take when a packet matches an attack signature or an informational signature.

ip audit signature

Disables a signature.

show running-config ip audit interface

To show the ip audit interface configuration in the running configuration, use the show running-config ip audit interface command in privileged EXEC mode.

show running-config ip audit interface [ interface_name ]

 
Syntax Description

interface_name

(Optional) Specifies the interface name.

 
Defaults

If you do not specify an interface name, this command shows the configuration for all interfaces.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from show ip audit interface .

Examples

The following is sample output from the show running-config ip audit interface command:

ciscoasa# show running-config ip audit interface
ip audit interface inside insidepolicy
ip audit interface outside outsidepolicy
 

 
Related Commands

Command
Description

ip audit attack

Sets the default actions for packets that match an attack signature.

ip audit info

Sets the default actions for packets that match an informational signature.

ip audit interface

Assigns an audit policy to an interface.

ip audit name

Creates a named audit policy that identifies the actions to take when a packet matches an attack signature or an informational signature.

ip audit signature

Disables a signature.

show running-config ip audit name

To show the ip audit name configuration in the running configuration, use the show running-config ip audit name command in privileged EXEC mode.

show running-config ip audit name [ name [ info | attack ]]

 
Syntax Description

attack

(Optional) Shows the named audit policy configuration for attack signatures.

info

(Optional) Shows the named audit policy configuration for informational signatures.

name

(Optional) Shows the configuration for the audit policy name created using the ip audit name command.

 
Defaults

If you do not specify a name, this command shows the configuration for all audit policies.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from show ip audit name .

Examples

The following is sample output from the show running-config ip audit name command:

ciscoasa# show running-config ip audit name
ip audit name insidepolicy1 attack action alarm
ip audit name insidepolicy2 info action alarm
ip audit name outsidepolicy1 attack action reset
ip audit name outsidepolicy2 info action alarm
 

 
Related Commands

Command
Description

ip audit attack

Sets the default actions for packets that match an attack signature.

ip audit info

Sets the default actions for packets that match an informational signature.

ip audit interface

Assigns an audit policy to an interface.

ip audit name

Creates a named audit policy that identifies the actions to take when a packet matches an attack signature or an informational signature.

ip audit signature

Disables a signature.

show running-config ip audit signature

To show the ip audit signature configuration in the running configuration, use the show running-config ip audit signature command in privileged EXEC mode.

show running-config ip audit signature [ signature_number ]

 
Syntax Description

signature_number

(Optional) Shows the configuration for the signature number, if present. See the ip audit signature command for a list of supported signatures.

 
Defaults

If you do not specify a number, this command shows the configuration for all signatures.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from show ip audit signature .

Examples

The following is sample output from the show running-config ip audit signature command:

ciscoasa# show running-config ip audit signature
ip audit signature 1000 disable
 

 
Related Commands

Command
Description

ip audit attack

Sets the default actions for packets that match an attack signature.

ip audit info

Sets the default actions for packets that match an informational signature.

ip audit interface

Assigns an audit policy to an interface.

ip audit name

Creates a named audit policy that identifies the actions to take when a packet matches an attack signature or an informational signature.

ip audit signature

Disables a signature.

show running-config ip local pool

To display IP address pools, use the show running-config ip local pool command in privileged EXEC mode.

show running-config ip local pool [ poolname ]

 
Syntax Description

poolname

(Optional) Specifies the name of the IP address pool.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

Global configuration

 
Command History

Release
Modification

7.0(1)

This command was introduced.

Examples

The following is sample output from the show running-config ip local pool command:

ciscoasa(config)# show running-config ip local pool firstpool
 
Pool Begin End Mask Free In use
firstpool 10.20.30.40 10.20.30.50 255.255.255.0 11
0
Available Addresses:
10.20.30.40
10.20.30.41
10.20.30.42
10.20.30.43
10.20.30.44
10.20.30.45
10.20.30.46
10.20.30.47
10.20.30.48
10.20.30.49
10.20.30.50
 

 
Related Commands

Command
Description

clear configure ip local pool

Removes all ip local pools

ip local pool

Configures an IP address pool.

show running-config ip verify reverse-path

To show the ip verify reverse-path configuration in the running configuration, use the show running-config ip verify reverse-path command in privileged EXEC mode.

show running-config ip verify reverse-path [interface interface_name ]

 
Syntax Description

interface interface_name

(Optional) Shows the configuration for the specified interface.

 
Defaults

This command shows the configuration for all interfaces.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

This command was changed from show ip verify reverse-path .

Examples

The following is sample output from the show ip verify statistics command:

ciscoasa# show running-config ip verify reverse-path
ip verify reverse-path interface inside
ip verify reverse-path interface outside
ip verify reverse-path interface dmz
 

 
Related Commands

Command
Description

clear configure ip verify reverse-path

Clears the ip verify reverse-path configuration.

clear ip verify statistics

Clears the Unicast RPF statistics.

ip verify reverse-path

Enables the Unicast Reverse Path Forwarding feature to prevent IP spoofing.

show ip verify statistics

Shows the Unicast RPF statistics.

show running-config ipv6

To display the IPv6 commands in the running configuration, use the show running-config ipv6 command in privileged EXEC mode.

show running-config [ all ] ipv6

 
Syntax Description

all

(Optional) Shows all ipv6 commands, including the commands you have not changed from the default, in the running configuration.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  

 
Command History

Release
Modification

7.0(1)

This command was introduced.

Examples

The following is sample output from the show running-config ipv6 command:

ciscoasa# show running-config ipv6
ipv6 unicast-routing
ipv6 route vlan101 ::/0 fec0::65:0:0:a0a:6575
ipv6 access-list outside_inbound_ipv6 permit ip any any
ipv6 access-list vlan101_inbound_ipv6 permit ip any any
ciscoasa#
 

 
Related Commands

Command
Description

debug ipv6

Displays IPv6 debugging messages.

show ipv6 access-list

Displays the IPv6 access list.

show ipv6 interface

Displays the status of the IPv6 interfaces.

show ipv6 route

Displays the contents of the IPv6 routing table.

show ipv6 traffic

Displays IPv6 traffic statistics.

show running-config ipv6 router

To display the running configuration of OSPFv3 for IPv6, use the show running-config ipv6 router command in user EXEC or privileged EXEC mode.

show running-config ipv6 router { ospf }

 
Syntax Description

ospf

Shows the running configuration for OSPFv3 processes.

 
Command Default

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

  •  

  •  

User EXEC

 
Command History

Release
Modification

9.0(1)

This command was introduced.

Examples

The following is sample output from the show running-config ipv6 router command:

ciscoasa# show running-config ipv6 router
ipv6 unicast-routing
ipv6 route vlan101 ::/0 fec0::65:0:0:a0a:6575
 

 
Related Commands

Command
Description

clear ipv6 ospf

Deletes all IPv6 settings in the OSPFv3 routing process.

debug ospfv3

Provides debugging information for troubleshooting OSPFv3 routing processes.

show running-config isakmp

To display the complete ISAKMP configuration, use the show running-config isakmp command in global configuration or privileged EXEC mode.

show running-config isakmp

 
Syntax Description

This command has no default behavior or values.

 
Defaults

No default behavior or values.

 
Command Modes

The following table shows the modes in which you can enter the command:

 

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration

Privileged EXEC

 
Command History

Release
Modification

7.0(1)

The show running-config isakmp command was introduced.

7.2(1)

This command was deprecated. The show running-config crypto isakmp command replaces it.

Examples

The following example issued in global configuration mode, displays information about the ISKAKMP configuration:

ciscoasa(config)# show running-config isakmp
isakmp enable inside
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash md5
isakmp policy 1 group 2
isakmp policy 1 lifetime 86400
ciscoasa(config)#
 

 
Related Commands

Command
Description

clear configure isakmp

Clears all the ISAKMP configuration.

clear configure isakmp policy

Clears all ISAKMP policy configuration.

clear isakmp sa

Clears the IKE runtime SA database.

isakmp enable

Enables ISAKMP negotiation on the interface on which the IPsec peer communicates with the ASA.

show isakmp sa

Displays IKE runtime SA database with additional information.