Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Command Reference, 3.1
show running-config logging through show running-config vpn-sessiondb
Downloads: This chapterpdf (PDF - 568.0KB) The complete bookPDF (PDF - 39.84MB) | Feedback

show running-config logging through show running-config vpn-sessiondb Commands

Table Of Contents

show running-config logging through show running-config vpn-sessiondb Commands

show running-config logging

show running-config logging rate-limit

show running-config mac-address-table

show running-config mac-learn

show running-config mac-list

show running-config management-access

show running-config mgcp-map

show running-config monitor-interface

show running-config mroute

show running-config mtu

show running-config multicast-routing

show running-config name

show running-config nameif

show running-config names

show running-config nat

show running-config nat-control

show running-config object-group

show running-config passwd

show running-config pim

show running-config policy-map

show running-config prefix-list

show running-config privilege

show running-config rip

show running-config route

show running-config route-map

show running-config router

show running-config same-security-traffic

show running-config service

show running-config service-policy

show running-config snmp-map

show running-config snmp-server

show running-config ssh

show running-config static

show running-config sunrpc-server

show running-config sysopt

show running-config telnet

show running-config terminal

show running-config tftp-server

show running-config time-range

show running-config timeout

show running-config tunnel-group

show running-config url-block

show running-config url-cache

show running-config url-server

show running-config username

show running-config virtual

show running-configuration vpn-sessiondb


show running-config logging through show running-config vpn-sessiondb Commands


show running-config logging

To display all currently running logging configuration settings, use the show running-config logging command in privileged EXEC mode.

show running-config [all] logging [level | disabled]

Syntax Description

all

(Optional) Displays the logging configuration, including commands that you have not changed from the default.

disabled

(Optional) Displays only the disabled system log message configuration.

level

(Optional) Displays only the configuration for system log messages with a non-default severity level.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1

This command was changed from the show logging command.


Examples

The following is an example of the show running-config logging disabled command:

hostname# show running-config logging disabled

no logging message 720067

Related Commands

Command
Description

show logging

Shows the current contentsw of the log buffer and other log configuration settings.


show running-config logging rate-limit

To display messages that were disallowed because the current rate limit was exceeded, use the show running config logging rate-limit command.

show running-config logging rate-limit

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced on the FWSM.

3.1

The show logging rate-limit command was renamed show running-config logging rate-limit.


Usage Guidelines

After the information is cleared, nothing more displays until the hosts reestablish their connections.

Examples

The following example shows how to display the disallowed messages:


fwsm/context_name(config)# show logging rate-limit

Related Commands

Command
Description

clear logging rate-limit

Resets the rate limit setting to its default value.


show running-config mac-address-table

To view the mac-address-table static and mac-address-table aging-time configuration in the running configuration, use the show running-config mac-address-table command in privileged EXEC mode.

show running-config [all] mac-address-table

Syntax Description

all

(Optional) Shows all commands, including the commands you have not changed from the default.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Examples

The following is sample output from the show running-config mac-learn command:

hostname# show running-config mac-address-table
mac-address-table aging-time 50
mac-address-table static inside1 0010.7cbe.6101

Related Commands

Command
Description

firewall transparent

Sets the firewall mode to transparent.

mac-address-table aging-time

Sets the timeout for dynamic MAC address entries.

mac-address-table static

Adds static MAC address entries to the MAC address table.

mac-learn

Disables MAC address learning.

show mac-address-table

Shows the MAC address table, including dynamic and static entries.


show running-config mac-learn

To view the mac-learn configuration in the running configuration, use the show running-config mac-learn command in privileged EXEC mode.

show running-config [all] mac-learn

Syntax Description

all

(Optional) Shows all commands, including the commands you have not changed from the default.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

2.2(1)

This command was introduced.

3.1(1)

This command was changed from show mac-learn.


Examples

The following is sample output from the show running-config mac-learn command:

hostname# show running-config mac-learn
mac-learn disable

Related Commands

Command
Description

firewall transparent

Sets the firewall mode to transparent.

mac-address-table static

Adds static MAC address entries to the MAC address table.

mac-learn

Disables MAC address learning.

show mac-address-table

Shows the MAC address table, including dynamic and static entries.


show running-config mac-list

To display a list of MAC addresses previously specified in a mac-list command with the indicated MAC list number, use the show running-config mac-list command in privileged EXEC mode.

show running-config mac-list id

Syntax Description

id

A hexadecimal MAC address list number.


Defaults

No default behaviors or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was modified to conform to CLI guidelines.


Usage Guidelines

The show running-config aaa command displays the mac-list command statements as part of the AAA configuration.

Examples

The following example shows how to display all MAC address lists:

hostname(config)# show running-config mac-list
mac-list adc permit 00a0.ca5d.0282 ffff.ffff.ffff
mac-list adc deny 00a1.ca5d.0282 ffff.ffff.ffff
mac-list ac permit 0050.54ff.0000 ffff.ffff.0000
mac-list ac deny 0061.54ff.b440 ffff.ffff.ffff
mac-list ac deny 0072.54ff.b440 ffff.ffff.ffff

The following example shows how to display a MAC address list with the id equal to adc:

hostname(config)# show running-config mac-list adc
mac-list adc permit 00a0.ca5d.0282 ffff.ffff.ffff
mac-list adc deny 00a1.ca5d.0282 ffff.ffff.ffff

Related Commands

Command
Description

mac-list

Add a list of MAC addresses using a first-match search.

clear configure mac-list

Remove the indicated mac-list command statements.

show running-config aaa

Display the running AAA configuration values.


show running-config management-access

To display the name of the internal interface configured for management access, use the show running-config management-access command in privileged EXEC mode.

show running-config management-access

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1

This command was introduced.


Usage Guidelines

The management-access command lets you define an internal management interface using the IP address of the firewall interface specified in mgmt_if. (The interface names are defined by the nameif command and displayed in quotes, " ", in the output of the show interface command.)

Examples

The following example shows how to configure a firewall interface named "inside" as the management access interface and display the result:

hostname# management-access inside
hostname# show running-config management-access
management-access inside

Related Commands

Command
Description

clear configure management-access

Removes the configuration of an internal interface for management access of the FWSM.

management-access

Configures an internal interface for management access.


show running-config mgcp-map

To show the MGCP maps that have been configured, use the show running-config mgcp-map command in privileged EXEC mode.

show running-config mgcp-map map_name

Syntax Description

map_name

Displays configuration for the specified MGCP map.


.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

The show running-config mgcp - map command displays the MGCP maps that have been configured.

Examples

The following is sample output from the show running-config mgcp-map command:

hostname# show running-config mgcp-map mgcp-policy
!
mgcp-map mgcp-policy
call-agent 10.10.11.5 101
call-agent 10.10.11.6 101
call-agent 10.10.11.7 102
call-agent 10.10.11.8 102
gateway 10.10.10.115 101
gateway 10.10.10.116 102
gateway 10.10.10.117 102
command-queue 150

Related Commands

Commands
Description

debug mgcp

Enables MGCP debug information.

mgcp-map

Defines an MGCP map and enables MGCP map configuration mode.

show conn

Displays the connection state for different connection types.

show mgcp

Displays information about MGCP sessions established through the FWSM.

timeout

Sets the maximum idle time duration for different protocols and session types.


show running-config monitor-interface

To display all monitor-interface commands in the running configuration, use the show running-config monitor-interface command in privileged EXEC mode.

show running-config [all] monitor-interface

Syntax Description

all

(Optional) Shows all monitor-interface commands, including the commands you have not changed from the default.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

2.2(1)

This command was introduced.


Usage Guidelines

The monitor-interface command is disabled on all virtual interfaces by default. You need to use the all keyword with this command to view the default configuration.

Examples

The following is sample output from the show running-config monitor-interface command. The first time the command is entered without the all keyword, so only the interface that has monitoring enabled appears in the output.

hostname# show running-config monitor-interface
monitor-interface outside
hostname#
hostname# show running-config all monitor-interface
no monitor-interface inside
monitor-interface outside
hostname#

Related Commands

Command
Description

monitor-interface

Enables health monitoring of a designated interface for failover purposes.

clear configure monitor-interface

Removes the monitor-interface commands in the running configuration and restores the default interface health monitoring stance.


show running-config mroute

To display the static multicast route table in the configuration use the show running-config mroute command in privileged EXEC mode.

show running-config mroute

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Examples

The following is sample output from the show running-config mroute command:

hostname# show running-config mroute
mroute 10.1.1.0 255.255.255.0 inside 3

Related Commands

Command
Description

mroute

Configures a static multicast route.


show running-config mtu

To display the current maximum transmission unit block size, use the show running-config mtu command in privileged EXEC mode.

show running-config mtu [interface_name]

Syntax Description

interface_name

(Optional) Internal or external network interface name.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced.

3.1(1)

This command was changed from show mtu.


Examples

The following is sample output from the show running-config mtu command:

hostname# show running-config mtu
mtu outside 1500
mtu inside 1500
mtu dmz 1500
hostname# show running-config mtu outside
mtu outside 1500

Related Commands

Command
Description

clear configure mtu

Clears the configured maximum transmission unit values on all interfaces.

mtu

Specifies the maximum transmission unit for an interface.


show running-config multicast-routing

To display the multicast-routing command, if present, in the running configuration, use the show running-config multicast-routing command in privileged EXEC mode.

show running-config multicast-routing

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

The show running-config multicast-routing command displays the multicast-routing command in the running configuration. Enter the clear configure multicast-routing command to remove the multicast-routing command from the running configuration.

Examples

The following is sample output from the show running-config multicast-routing command:

hostname# show running-config multicast-routing

multicast-routing

Related Commands

Command
Description

clear configure multicast-routing

Removes the multicast-routing command from the running configuration.

multicast-routing

Enables multicast routing on the FWSM.


show running-config name

To display a list of names associated with IP addresses (configured with the name command), use the show running-config name command in privileged EXEC mode.

show running-config name

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show name command was introduced.

3.1(1)

This command was changed to show running-config name.


Examples

This example shows how to display a list of names associated with IP addresses:

hostname# show running-config name
name 192.168.42.3 fwsm_inside
name 209.165.201.3 fwsm_outside

Related Commands

Command
Description

clear configure name

Clears the list of names from the configuration.

name

Associates a name with an IP address.


show running-config nameif

To show the interface name configuration in the running configuration, use the show running-config nameif command in privileged EXEC mode.

show running-config nameif [mapped_name]

Syntax Description

mapped_name

(Optional) In multiple context mode, identifies the mapped name if it was assigned using the allocate-interface command.


Defaults

If you do not specify an interface, this command shows the interface name configuration for all interfaces.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show nameif command was introduced.

3.1(1)

This command was changed to show running-config nameif.


Usage Guidelines

In multiple context mode, if you mapped the interface ID in the allocate-interface command, you can only specify the mapped name in a context.

This display also shows the security-level command configuration.

Examples

The following is sample output from the show running-config nameif command:

hostname(config-if)# show running-config nameif
!
interface Vlan22
 nameif inside
 security-level 100
!
interface Vlan35
 nameif test
 security-level 0
!

Related Commands

Command
Description

allocate-interface

Assigns interfaces and subinterfaces to a security context.

clear configure interface

Clears the interface configuration.

interface

Configures an interface and enters interface configuration mode.

nameif

Sets the interface name.

security-level

Sets the security level for the interface.


show running-config names

To display the IP address-to-name conversions, use the show running-config names command in privileged EXEC mode.

show running-config names

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show names command was introduced.

3.1(1)

This command was changed to show running-config names.


Usage Guidelines

Use with the names command.

Examples

The following example shows how to display the IP address-to-name conversion:

hostname(config-if)# show running-config names
name 192.168.42.3 sa_inside
name 209.165.201.3 sa_outside

Related Commands

Command
Description

clear configure name

Clears the list of names from the configuration.

name

Associates a name with an IP address.

names

Enables IP address-to-name conversions that you can configured with the name command.

show running-config name

Displays a list of names associated with IP addresses.


show running-config nat

To display a pool of global IP addresses that are associated with a network, use the show running-config nat command in privileged EXEC mode.

show running-config nat [interface_name] [nat_id]

Syntax Description

interface_name

(Optional) Name of the network interface.

nat_id

(Optional) ID of the group of host or networks.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced.

2.2(1)

This command was modified to support UDP maximum connections for local hosts.

3.1(1)

This command was changed from show nat.


Usage Guidelines

This command displays the maximum connection value for the UDP protocol. Every time the UPD maximum connection value is not set, the value will be displayed as 0 by default and will not be applied.

Examples

The following example shows how to display a pool of global IP addresses that are associated with a network:

hostname# show running-config nat
nat (inside) 1001 10.7.2.0 255.255.255.224 0 0
nat (inside) 1001 10.7.2.32 255.255.255.224 0 0
nat (inside) 1001 10.7.2.64 255.255.255.224 0 0
nat (inside) 1002 10.7.2.96 255.255.255.224 0 0
nat (inside) 1002 10.7.2.128 255.255.255.224 0 0
nat (inside) 1002 10.7.2.160 255.255.255.224 0 0
nat (inside) 1003 10.7.2.192 255.255.255.224 0 0
nat (inside) 1003 10.7.2.224 255.255.255.224 0 0

Related Commands

Command
Description

clear configure nat

Removes the NAT configuration.

nat

Associates a network with a pool of global IP addresses.


show running-config nat-control

To show the NAT configuration requirement, use the show running-config nat-control command in privileged EXEC mode.

show running-config nat-control

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Examples

The following is sample output from the show running-config nat-control command:

hostname# show running-config nat-control
no nat-control

Related Commands

Command
Description

nat

Defines an address on one interface that is translated to a global address on another interface.

nat-control

Allows inside hosts to communicate with outside networks without configuring a NAT rule.


show running-config object-group

To display the current object groups, use the show running-config object-group command in privileged EXEC mode.

show running-config [all] object-group [protocol | service | network | icmp-type | id obj_grp_id]

Syntax Description

icmp-type

(Optional) Displays ICMP type object groups.

id obj_grp_id

(Optional) Displays the specified object group.

network

(Optional) Displays network object groups.

protocol

(Optional) Displays protocol object groups.

service

(Optional) Displays service object groups.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced.

3.1(1)

This command was changed from show object-group.


Examples

The following is sample output from the show running-config object-group command:

hostname# show running-config object-group
object-group protocol proto_grp_1
	protocol-object udp
	protocol-object tcp
object-group service eng_service tcp
	port-object eq smtp
	port-object eq telnet
object-group icmp-type icmp-allowed
	icmp-object echo
	icmp-object time-exceeded

Related Commands

Command
Description

clear configure object-group

Removes all the object group commands from the configuration.

group-object

Adds network object groups.

network-object

Adds a network object to a network object group.

object-group

Defines object groups to optimize your configuration.

port-object

Adds a port object to a service object group.


show running-config passwd

To show the encrypted login passwords, use the show running-config passwd command in privileged EXEC mode.

show running-config {passwd | password}

Syntax Description

passwd | password

You can enter either command; they are aliased to each other.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show passwd command was introduced.

3.1(1)

This command was changed to show running-config passwd.


Usage Guidelines

The password is saved to the configuration in encrypted form, so you cannot view the original password after you enter it. The password displays with the encrypted keyword to indicate that the password is encrypted.

Examples

The following is sample output from the show running-config passwd command:

hostname# show running-config passwd
passwd 2AfK9Kjr3BE2/J2r encrypted

Related Commands

Command
Description

clear configure passwd

Clears the login password.

enable

Enters privileged EXEC mode.

enable password

Sets the enable password.

passwd

Sets the login password.

show curpriv

Shows the currently logged in username and the user privilege level.


show running-config pim

To display the PIM commands in the running configuration, use the show running-config pim command in privileged EXEC mode.

show running-config pim

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

The show running-config pim command displays the pim commands entered in global configuration mode. It does not show the pim commands entered in interface configuration mode. To see the pim commands entered in interface configuration mode, enter the show running-config interface command.

Examples

The following is sample output from the show running-config pim command:

hostname# show running-config pim

pim old-register-checksum
pim spt-threshold infinity

Related Commands

Command
Description

clear configure pim

Removes the pim commands from the running configuration.

show running-config interface

Displays interface configuration commands entered in interface configuration mode.


show running-config policy-map

To display all the policy-map configurations or the default policy-map configuration, use the show running-config policy-map command in privileged EXEC mode.

show running-config [all] policy-map

Syntax Description

all

(Optional) Display the default policy-map configuration.


Defaults

Omitting the all keyword displays only the explicitly configured policy-map configuration.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

Specifying the all keyword displays the default policy-map configuration as well as the explicitly configured policy-map configuration.

Examples

This example shows the use of the show running-config policy-map command for the policy map named localmap1, and the command output:

hostname# show running-config policy-map
!
policy-map localmap1
description this is a test.
class firstclass
ids promiscuous fail0close
set connection random-seq# enable
class class-default
!

Related Commands

Command
Description

policy-map

Configures a policy; that is, an association of a traffic class and one or more actions.

clear configure policy-map

Removes the entire policy configuration.


show running-config prefix-list

To display the prefix-list command in the running configuration, use the show running-config prefix-list command in privileged EXEC mode.

show running-config prefix-list

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

The prefix-list description commands always appear before their associated prefix-list commands in the running configuration. It does not matter what order you entered them.

Examples

The following is sample output from the show running-config prefix-list command:

hostname# show running-config prefix-list

!
prefix-list abc description A sample prefix list
prefix-list abc seq 5 permit 192.168.0.0/8 le 24
prefix-list abc seq 10 deny 10.0.0.0/8 le 32 
!

Related Commands

Command
Description

clear configure prefix-list

Clears the prefix-list commands from the running configuration.


show running-config privilege

To display the privileges for a command or a set of commands, use the show running-config privilege command in privileged EXEC mode.

show running-config [all] privilege [all | command command | level level]

Syntax Description

all

(Optional) First occurrence—displays the default privilege level.

all

(Optional) Second occurrence—displays the privilege level for all commands.

command command

(Optional) Displays the privilege level for a specific command.

level level

(Optional) Displays the commands that are configured with the specified level; valid values are from 0 to 15.


Defaults

No default behaviors or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show privilege command was introduced.

3.1(1)

This command was changed from show privilege.


Usage Guidelines

Use the show running-config privilege command to view the current privilege level.

Examples

hostname(config)# show running-config privilege level 0
privilege show level 0 command checksum
privilege show level 0 command curpriv
privilege configure level 0 mode enable command enable
privilege show level 0 command history
privilege configure level 0 command login
privilege configure level 0 command logout
privilege show level 0 command pager
privilege clear level 0 command pager
privilege configure level 0 command pager
privilege configure level 0 command quit
privilege show level 0 command version

Related Commands

Command
Description

clear configure privilege

Remove privilege command statements from the configuration.

privilege

Configure the command privilege levels.

show curpriv

Display current privilege level.

show running-config privilege

Display privilege levels for commands.


show running-config rip

To display the information about the RIP configuration, use the show running-config rip command in privileged EXEC mode.

show running-config [all] rip [interface_name]

Syntax Description

all

(Optional) Shows all RIP commands, including the commands you have not changed from the default.

interface_name

(Optional) Displays only the RIP commands for the specified interface.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced (as show rip).

3.1(1)

This command was changed from show rip to show running-config rip.


Examples

This example shows how to display RIP information:

hostname# show running-config rip
rip outside passive version 2 authentication md5 thisisakey 2
rip outside default version 2 authentication md5 thisisakey 2
rip inside passive version 1
rip dmz passive version 2

Related Commands

Command
Description

clear configure rip

Clears all RIP commands from the running configuration.

debug rip

Displays debug information for RIP.

rip

Configures RIP on the specified interface.


show running-config route

To display the route commands in the running configuration, use the show running-config route command in privileged EXEC mode.

show running-config [all] route

Syntax Description

No default behavior or values.

Defaults

This command has no arguments or keywords.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced (as show route).

3.1(1)

This command was changed from show route to show running-config route.


Examples

The following is sample output from the show running-config route command:

hostname# show running-config route
route outside 10.30.10.0 255.255.255.0 1

Related Commands

Command
Description

clear configure route

Removes the route commands from the configuration that do not contain the connect keyword.

route

Specifies a static or default route for the an interface.

show route

Displays route information.


show running-config route-map

To display the information about the route map configuration, use the show running-config route-map command in privileged EXEC mode.

show running-config route-map [map_tag]

Syntax Description

map_tag

(Optional) Text for the route-map tag.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced (as show route-map).

3.1(1)

This command was changed from show route-map to show running-config route-map.


Usage Guidelines

To show all route-maps defined in the configuration, use the show running-config route-map command. To show individual route-maps by name, use the show running-config route-map map_tag command, where map_tag is the name of the route-map. Multiple route maps may share the same map tag name.

Examples

The following is sample output from the show running-config route-map command:

hostname# show running-config route-map
route-map maptag1 permit sequence 10
set metric 5
match metric 3
route-map maptag1 permit sequence 12
set metric 5
match interface backup
match metric 3
route-map maptag2 deny sequence 10
match interface dmz

Related Commands

Command
Description

clear configure route-map

Removes the conditions for redistributing the routes from one routing protocol into another routing protocol.

route-map

Defines the conditions for redistributing routes from one routing protocol into another.


show running-config router

To display the global commands in the router configuration, use the show running-config router command in privileged EXEC mode.

show running-config [all] router [ospf [process_id]]

Syntax Description

all

Shows all router commands, including the commands you have not changed from the default.

ospf

(Optional) Displays only the OSPF commands in the configuration.

process_id

(Optional) Displays the commands for the selected OSPF process.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced (as show ip router).

3.1(1)

This command was changed from show router to show running-config router.


Examples

The following is sample output from the show running-config router command:

hostname# show running-config router ospf 1
router ospf 1
  log-adj-changes detail
  ignore lsa mospf
  no compatible rfc1583
  distance ospf external 200
  timers spf 10 20
  timers lsa-group-pacing 60

Related Commands

Command
Description

clear configure router

Clears all router commands from the running configuration.


show running-config same-security-traffic

To display the same-security interface communication, use the show running-config same-security-traffic command in privileged EXEC mode.

show running-config same-security-traffic {inter-interface | intra-interface}

Syntax Description

inter-interface

Permits communication between different interfaces that have the same security level.

intra-interface

Permits communication in and out of the same interface when traffic is IPSec protected.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

2.2(1)

The show-same-security-traffic command with the inter-interface keyword was introduced.

2.3(1)

Support for the intra-interface keyword was added.

3.1(1)

This command was changed to show running-config same-security-traffic.


Examples

The following is sample output from the show running-config same-security-traffic command:

hostname# show running-config same-security-traffic
same-security-traffic permit inter-interface

Related Commands

Command
Description

same-security-traffic

Permits communication between interfaces with equal security levels.


show running-config service

To display the service configuration, use the show running-config service command in privileged EXEC mode.

show running-config [all] service

Syntax Description

all

(Optional) Shows all commands, including the commands you have not changed from the default.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced.

3.1(1)

This command was changed from show service.


Examples

This command shows how to display the system services:

hostname# show running-config service

service resetoutside

Related Commands

Command
Description

service

Enables system services.


show running-config service-policy

To display all currently running service policy configurations, use the show runnig-config service-policy command in global configuration mode.

show running-config service-policy

Syntax Description

default

Displays the default service policy.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

·

·

·

·

·


Command History

Release
Modification

3.1(1)

This command was introduced.


Examples

The following is an example of the show running-config service-policy command:

hostname# show running-config service-policy

Related Commandshostname# show running-config servi

Command
Description

show service-policy

Displays the service policy.

service-policy

Configures service policies.

clear service-policy

Clears service policy configurations.

clear configure service-policy

Clears service policy configurations.


show running-config snmp-map

To show the SNMP maps that have been configured, use the show running-config snmp-map command in privileged EXEC mode.

show running-config snmp-map map_name

Syntax Description

map_name

Displays configuration for the specified SNMP map.


.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

The show running-config snmp - map command displays the SNMP maps that have been configured.

Examples

The following is sample output from the show running-config snmp-map command:

hostname# show running-config snmp-map snmp-policy
!
snmp-map snmp-policy
deny version 1
!

Related Commands

Commands
Description

class-map

Defines the traffic class to which to apply security actions.

deny version

Disallows traffic using a specific version of SNMP.

inspect snmp

Enable SNMP application inspection.

snmp-map

Defines an SNMP map and enables SNMP map configuration mode.


show running-config snmp-server

To display all currently running SNMP server configurations, use the show runnig-config snmp-server command in global configuration mode.

show running-config [default] snmp-server

Syntax Description

default

Displays the default snmp server configuration.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration

·

·

·

·

 

Command History

Release
Modification

3.1(1)

Support for this command was introduced.


Examples

The following is an example of the show running-config snmp-server command:

hostname# show running-config snmp-server

Related Commandshostname# show running-config servi

Command
Description

snmp-server

Configures the SNMP server.

clear snmp-server

Clears the SNMP server configuration.

show snmp-server statistics

Displays SNMP server configuration.


show running-config ssh

To show the SSH commands in the current configuration, use the show running-config ssh command in privileged EXEC mode.

show running-config [default] ssh [timeout | version]

show run [default] ssh [timeout]

Syntax Description

default

(Optional) Displays the default SSH configuration values along with the configured values.

timeout

(Optional) Displays the current SSH session timeout value.

version

(Optional) Displays the version of SSH currently being supported.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

The command was changed from the show ssh command to the show running-config ssh command.


Usage Guidelines

This command shows the current ssh configuration. To display only the SSH session timeout value, use the timeout option. To see a list of active SSH sessions, use the show ssh sessions command.

Examples

The following example displays the SSH session timeout:

hostname# show running-config timeout
ssh timeout 5 minutes
hostname# 

Related Commands

Command
Description

clear configure ssh

Clears all SSH commands from the running configuration.

ssh

Allows SSH connectivity to the FWSM from the specified client or network.

ssh scopy enable

Enables a secure copy server on the FWSM.

ssh timeout

Sets the timeout value for idle SSH sessions.

ssh version

Restricts the FWSM to using either SSH Version 1 or SSH Version 2.


show running-config static

To display all static commands in the configuration, use the show running-config static command in privileged EXEC mode.

show running-config static

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced.

2.2(1)

This command was modified to support UDP maximum connections for local hosts.

3.1(1)

This command was changed from show static.


Usage Guidelines

This command displays the maximum connections value for the UDP protocol. If the UDP maximum connections value is "0" or not set, the limit enforcement is disabled.

Examples

The following example shows how to display all static commands in the configuration:

hostname# show running-config static
static (inside,outside) 192.150.49.91 10.1.1.91 netmask 255.255.255.255
static (inside,outside) 192.150.49.200 10.1.1.200 netmask 255.255.255.255 tcp 255 0

Note No UDP value connection limit is shown.


Related Commands

Command
Description

clear configure static

Removes all the static commands from the configuration.

static

Configures a persistent one-to-one address translation rule by mapping a local IP address to a global IP address.


show running-config sunrpc-server

To display the information about the SunRPC configuration, use the show running-config sunrpc-server command in privileged EXEC mode.

show running-config sunrpc-server

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced.


Examples

The following is sample output from the show running-config sunrpc-server command:

hostname# show running-config sunrpc-server
inside 30.26.0.23 255.255.0.0 service 2147483647 protocol TCP port 2222 timeout 0:03:00

Related Commands

Command
Description

clear configure sunrpc-server

Clears the SunRPC services from the FWSM.

debug sunrpc

Enables debug information for SunRPC.

show conn

Displays the connection state for different connection types, including SunRPC.

sunrpc-server

Creates the SunRPC services table.

timeout

Sets the maximum idle time duration for different protocols and session types, including SunRPC.


show running-config sysopt

To show the sysopt command configuration in the running configuration, use the show running-config sysopt command in privileged EXEC mode.

show running-config [all] sysopt

Syntax Description

all

(Optional) Shows all commands, including the commands you have not changed from the default.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced.

3.1(1)

This command was changed from show sysopt.


Examples

The following is sample output from the show running-config sysopt command:

hostname# show running-config sysopt
no sysopt connection timewait
sysopt connection tcpmss 1200
sysopt connection tcpmss minimum 400
no sysopt nodnsalias inbound
no sysopt nodnsalias outbound
no sysopt radius ignore-secret
sysopt connection permit-ipsec

Related Commands

Command
Description

clear configure sysopt

Clears the sysopt command configuration.

sysopt connection permit-ipsec

Permits any packets that come from an IPSec tunnel without checking any ACLs for interfaces.

sysopt connection tcpmss

Overrides the maximum TCP segment size or ensures that the maximum is not less than a specified size.

sysopt connection timewait

Forces each TCP connection to linger in a shortened TIME_WAIT state after the final normal TCP close-down sequence.

sysopt nodnsalias

Disables alteration of the DNS A record address when you use the alias command.


show running-config telnet

To display the current list of IP addresses that are authorized to use Telnet connections to the FWSM, use the show running-config telnet command in privileged EXEC mode. You can also use this command to display the number of minutes that a Telnet session can remain idle before being closed by the FWSM.

show running-config telnet [timeout]

Syntax Description

timeout

(Optional) Displays the number of minutes that a Telnet session can be idle before being closed by the FWSM.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

The keyword running-config was added.


Examples

This example shows how to display the current list of IP addresses that are authorized for use by Telnet connections to the FWSM:

hostname# show running-config telnet
2003 Jul 15 14:49:36 %MGMT-5-LOGIN_FAIL:User  failed to
log in from 209.165.200.225 through Telnet
2003 Jul 15 14:50:27 %MGMT-5-LOGIN_FAIL:User  failed to log in from 209.165. 200.225
through Telnet

Related Commands

Command
Description

clear configure telnet

Removes the Telnet connection from the configuration.

telnet

Adds Telnet access to the console and sets the idle timeout.


show running-config terminal

To display the current terminal settings, use the show running-config terminal command in privileged EXEC mode.

show running-config terminal

Syntax Description

This command has no keywords or arguments.

Defaults

The default display width is 80 columns.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show terminal command was introduced.

3.1(1)

This command was changed to show running-config terminal.


Examples

The following example clears the page length setting:

hostname# show running-config terminal

Width = 80, no monitor

Related Commands

Command
Description

clear configure terminal

Clears the terminal display width setting.

terminal

Sets the terminal line parameters.

terminal width

Sets the terminal display width.


show running-config tftp-server

To display the default TFTP server address and directory, use the show running-config tftp-server command in global configuration mode.

show running-config tftp-server

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

Support for this command was introduced.


Examples

This example shows how to display the IP/IPv6 address of the default TFTP server and the directory of the configuration file:

hostname(config)# show running-config tftp-server
tftp-server inside 10.1.1.42 /temp/config/test_config

Related Commands

Command
Description

configure net

Loads the configuration from the TFTP server and path you specify.

tftp-server

Configures the default TFTP server address and the directory of the configuration file.


show running-config time-range

To display configured time ranges, use the show running-config time-range command in privileged EXEC mode.

show running-config time-range [time-range]

Syntax Description

time-range

(Optional) The name of the configured time range.


Defaults

Omitting the time-range value displays the configurations for all time ranges.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

This command was introduced


Examples

To display the running configuration for configured time ranges, use the following command:

hostname(config)# show running-config time-range
time-range test

absolute start 11:03 14 April 2006 end 11:06 14 April 2006

Related Commands

Command
Description

clear configure time-range

Clears the configured time ranges.

show time-range

Displays a time range.


show running-config timeout

To display the timeout value of all protocols, or just a specific one, use the show running-config timeout command in privileged EXEC mode.

show running-config [all] timeout [protocol]

Syntax Description

all

(Optional) Shows all commands, including the commands you have not changed from the default.

protocol

(Optional) Displays the timeout value of the specified protocol. Supported protocols are: xlate, conn, udp, icmp, rpc, h323, h225, mgcp, mgcp-pat, sip, sip_media, and uauth.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

This command was introduced.

3.1(1)

This command was changed from show timeout.


Examples

This example shows how to display the timeout values for the system:

hostname(config)# show timeout
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 rpc 0:10:00 h3
23 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02
:00
timeout uauth 0:00:00 absolute

Related Commands

Command
Description

clear configure timeout

Restores the default idle time durations.

timeout

Sets the maximum idle time duration.


show running-config tunnel-group

To display tunnel group information about all or a specified tunnel group and tunnel-group attributes, use the show running-config tunnel-group command in global configuration or privileged EXEC mode.

show running-config [all] tunnel-group [name [general-attributes | ipsec-attributes | ppp-attributes]]

Syntax Description

all

[Optional] Displays all tunnel-group commands, including the commands you have not changed from the default.

general-attributes

Displays configuration information for general attributes.

ipsec-attributes

Displays configuration information for IPSec attributes.

name

Specifies the name of the tunnel group.

ppp-attributes

Displays configuration information for PPP attributes.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration

 

   

Privileged EXEC

 

   

Command History

Release
Modification

3.1(1)

This command was introduced.


Examples

The following example entered in global configuration mode, displays the current configuration for all tunnel groups:

hostname(config)# show running-config tunnel-group
tunnel-group 209.165.200.225 type IPSec_L2L
tunnel-group 209.165.200.225 ipsec-attributes
pre-shared-key xyzx
hostname(config)# 

Related Commands

Command
Description

clear configure tunnel-group

Removes tunnel-group configuration

tunnel-group general-attributes

Enters subconfiguration mode for specifying general attributes for specified tunnel group.

tunnel-group ipsec-attributes

Enters subconfiguration mode for specifying IPSec attributes for specified tunnel group.

tunnel-group

Enters tunnel-group subconfiguration mode for the specified type.


show running-config url-block

To show the configuration for buffers and memory allocation used by URL filtering, use the show running-config url-block command in privileged EXEC mode.

show running-config url-block [ block | url-mempool | url-size ]

Syntax Description

block

Displays the configuration for the maximum number of blocks that will be buffered.

url-mempool

Displays the configuration for the maximum allow URL size (in KB).

url-size

Displays the configuration for the memory resource (in KB) allocated for the long URL buffer.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show url-block command was introduced.

3.1(1)

This command was changed from show url-block.


Usage Guidelines

The show running-config url-block command displays the configuration for buffers and memory allocation used by URL filtering.

Examples

The following is sample output from the show running-config url-block command:

hostname# show running-config url-block
!
url-block block 56
!

Related Commands

Commands
Description

clear url-block block statistics

Clears the block buffer usage counters.

show url-block

Displays information about the URL cache, which is used for buffering URLs while waiting for responses from an N2H2 or Websense filtering server.

url-block

Manage the URL buffers used for web server responses.

url-cache

Enables URL caching while pending responses from an N2H2 or Websense server and sets the size of the cache.

url-server

Identifies an N2H2 or Websense server for use with the filter command.


show running-config url-cache

To show the cache configuration used by URL filtering, use the show running-config url-cache command in privileged EXEC mode.

show running-config url-cache

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show url-cache command was introduced.

3.1(1)

This command was changed from show url-cache.


Usage Guidelines

The show running-config url-cache command displays the cache configuration used by URL filtering.

Examples

The following is sample output from the show running-config url-cache command:

hostname# show running-config url-cache
!
url-cache src_dst 128
!

Related Commands

Commands
Description

clear url-cache statistics

Removes url-cache command statements from the configuration.

filter url

Directs traffic to a URL filtering server.

show url-cache statistics

Displays information about the URL cache, which is used for buffering URLs while waiting for responses from an N2H2 or Websense filtering server.

url-cache

Enables URL caching while pending responses from an N2H2 or Websense server and sets the size of the cache.

url-server

Identifies an N2H2 or Websense server for use with the filter command.


show running-config url-server

To show the URL filtering server configuration, use the show running-config url-server command in privileged EXEC mode.

show running-config url-server

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show url-server command was introduced.

3.1(1)

This command was changed from show url-server.


Usage Guidelines

The show running-config url-server command displays the URL filtering server configuration.

Examples

The following is sample output from the show running-config url-server command:

hostname# show running-config url-server
!
url-server (perimeter) vendor websense host 10.0.1.1
!

Related Commands

Commands
Description

clear url-server

Clears the URL filtering server statistics.

show url-server

Displays information about the URL cache, which is used for buffering URLs while waiting for responses from an N2H2 or Websense filtering server.

url-block

Manages the URL buffers used for web server responses while waiting for a filtering decision from the filtering server.

url-cache

Enables URL caching while pending responses from an N2H2 or Websense server and sets the size of the cache.

url-server

Identifies an N2H2 or Websense server for use with the filter command.


show running-config username

To display the running configuration for a particular user, use the show running-config username command in privileged EXEC mode with the username appended. To display the running configuration for all users, use this command without a username.

show running-config [all] username [name] [attributes]]

Syntax Description

attributes

Displays the specific AVPs for the user(s)

all

[Optional] Displays all username commands, including the commands you have not changed from the default.

name

Provides the name of the user.


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC

Global configuration

Username


Command History

Release
Modification

1.1(1)

The show username command was introduced.

3.1(1)

This command was changed from show username.


Examples

The following example shows the use of the show running-config username command for a user named anyuser:

hostname# show running-config username anyuser
username anyuser password .8T1d6ik58/lzXS5 encrypted privilege 3
username anyuser attributes
vpn-group-policy DefaultGroupPolicy
vpn-idle-timeout 10
vpn-session-timeout 120
vpn-tunnel-protocol IPSec

Related Commands

Command
Description

clear config username

Clears the username database.

username

Adds a user to the FWSM database.

username attributes

Lets you configure AVPs for specific users.


show running-config virtual

To display the IP address of the FWSM virtual server, use the show running-config virtual command in privileged EXEC mode.

show running-config [all] virtual

Syntax Description

all

Display the virtual server IP address of all virtual servers.


Defaults

Omitting the all keyword displays the explicitly configured IP address of the current virtual server or servers.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

1.1(1)

The show virtual command was introduced.

3.1(1)

This command was changed from show virtual.


Usage Guidelines

You must be in privileged EXEC mode to use this command.

Examples

The following example shows the output of the show running-config virtual command when a virtual HTTP server has already been configured:

hostname(config)# show running-config virtual
virtual http 192.168.201.1

Related Commands

Command
Description

clear configure virtual

Removes virtual command statements from the configuration.

virtual

Displays the address for authentication virtual servers.


show running-configuration vpn-sessiondb

To display the current set of configured vpnsessiondb commands, use the show running-configuration vpn-sessiondb command in privileged EXEC mode.

show running-configuration [all] vpn-sessiondb

Syntax Description

all

(Optional) Displays all vpn-sessionddb commands, including the commands you have not changed from the default


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Privileged EXEC


Command History

Release
Modification

3.1(1)

Support for this command was introduced.


Usage Guidelines

As of Release 7.0, this command displays only the VPN maximum sessions limit, if configured.

Examples

The following is sample output for the show running-configuration vpn-sessiondb command:

hostname# show running-configuration vpn-sessiondb

Related Commands

Command
Description

show vpn-sessiondb

Displays sessions with or without extended details, optionally filtered and sorted by criteria you specify.

show vpn-sessiondb summary

Displays a session summary, including total current session, current sessions of each type, peak and total cumulative, maximum concurrent sessions.