Cisco PIX Firewall Command Reference, Version 6.2
Index
Downloads: This chapterpdf (PDF - 423.0KB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - X -

Index

Numerics

100BaseTX Ethernet6-9

10BaseT Ethernet6-9

A

AAA3-6, 3-16, 4-14, 4-48, 8-21

aaa accounting3-1

aaa authentication3-3

aaa authorization3-11

aaa-server command3-13

access

control list7-20, 7-21

modes2-2

access-group command3-19

access list

creating for IPSec3-24

downloadable3-25

syslog message3-27

TurboACL3-26

access-list command3-20

AccessPro router8-4

ACLs3-25

A Commands3-1

activation key3-29

ActiveX blocking3-33, 5-31

address translations7-8

alias command3-32, 8-44

alias option to arp command3-34

alternate-address3-27, 6-8

arp command3-34

ARP proxies8-41

authenticating the CA4-3

authentication, authorization, and accounting3-1, 3-3

authorization, RADIUS3-25

authorization, TACACS+3-1, 3-3, 3-11

auth-prompt command3-35

auto keyword issue6-9

B

buffer allocation, interface6-10

C

CA

authenticating the CA4-3

declaring the CA4-6

deleting RSA keys4-6

displaying CRL info4-8

displaying public keys4-7, 4-8

fingerprint4-2

generating RSA key pairs4-5

obtaining an updated CRL4-4

obtaining certificates4-4

registration authority (RA) mode4-3

revoking your certificate4-5

RSA public key record4-3

saving RSA Key pairs and certificates4-6

sending enrollment request4-4

serial number included in certificate4-5

server4-6

cable status5-24

ca command4-13

certificate enrollment protocol4-18

CiscoSecure

acl attribute3-25

show uauth command8-21

Cisco VPN 3000 Client

split tunnel support9-29

VPN group name9-28

VPN group policy9-28

clear3-1

aaa3-1

aaa-server3-15, 3-16

access-group3-19

arp3-34

auth-prompt3-35

blocks8-7

command summary4-13

clear alias command3-32

clear Commands4-13

clear crypto ipsec sa command4-42

clearing

object groups7-14

clear isakmp command6-31

clear isakmp sa command6-31

clear local-host command8-13

clear timeout command9-6

client

Easy VPN Remote9-27, 9-29

remote VPN4-48

VPN9-27

clock command4-18

summer-time settings4-18

year range4-19

command

aaa-server3-13

access-group3-19

access-list3-20

alias3-32, 8-44

arp3-34

auth-prompt3-35

ca4-13

clear

aaa3-1

aaa-server3-15, 3-16

access-group3-19

alias3-32

arp3-34

auth-prompt3-35

crypto ipsec sa4-42

isakmp6-31

isakmp sa6-31

timeout9-6

clear blocks8-7

clear crypto ipsec sa4-42

clear isakmp6-31

clear isakmp sa6-31

clear local-host8-13

clock4-18

conduit4-20

configure4-27

crypto dynamic-map4-18, 4-34

crypto ipsec4-38

crypto map4-45

debug4-34

disable5-13

domain-name5-14

dynamic-map5-14

enable5-15

enable password5-18

established5-20

exit5-22

fixup protocol5-33

floodguard5-40

fragment5-41

help6-4

hostname6-5

interface6-9

ip address6-14

ip audit6-17

ip verify reverse-path6-21

kill6-31

logging6-32

mtu7-2, 7-3

multicast7-2

nameif7-6

nat7-7

pager7-25

passwd7-26

ping7-33

quit7-36

reload7-37

rip7-38

route7-40

service8-1

session8-4

show8-5

aaa3-1, 3-4, 3-11, 3-15, 3-16, 9-12

aaa-server3-16

access-group3-19

access-list3-21

alias3-32

arp3-34

arp timeout3-34

auth-prompt3-36

blocks8-7

ca certificate4-1

ca configure4-1

ca identity4-1

checksum8-8

show conn8-9

show history8-12

show interface6-9

show local-host8-13

show memory8-15

show processes8-15

show tech-support8-20

show traffic8-20

show version8-23

show who9-31

snmp-server8-28

ssh

secure shell support8-31

static8-31

syslog8-41

sysopt6-31, 8-41

sysopt connection permit-ipsec8-42

sysopt ipsec pl-compatible8-43

terminal9-4

tftp-server9-5

timeout9-6

url-cache9-10

url-server9-11

vpngroup9-27

who9-31

write9-31

command completion2-1

command-line interface prompt6-5

conduit command4-20

configurable proxy pinging6-7

configuration mode4-29

configure command4-27

configure factory-default command4-27, 4-30

console session5-6

contact, SNMP8-28

control list7-20, 7-21

conversion-error3-28, 6-8

copy capture command4-32

copy http command4-33

copying capture information4-32

CRL4-2

crypto dynamic-map command4-18, 4-34

cryptography engine, running Known Answer Test8-12

crypto ipsec command4-38

crypto map command4-45

D

daisy-chaining PIX Firewall units3-7

debug command4-34

default password5-18

default route broadcast7-38

DHCP client6-15

Diffie-Hellman4-47, 4-53, 6-29

disable command5-13

diskette4-29

displaying public keys4-7, 4-8

DNS8-41

Document Organizationx

domain-name command5-14

downgrading to a previous version5-39

downloadable access list3-20, 3-25

dynamic-map command5-14

E

Easy VPN Remote9-26, 9-29

Easy VPN Remote Server9-26

echo-reply3-27, 6-8

embryonic connection7-9

enable command5-15

enable password command5-18

encryption, key3-16

ESMTP commands rejected by Mail Guard5-38

established command5-20

Ethernet6-9, 7-6

exit command5-22

F

failover

cable status5-24

flags5-24

polling5-25

UR license5-24

filesystem, Flash memory5-39

filtering5-32

fingerprint, CA4-2

fixup

H.3235-36

VoIP5-36

fixup protocol command5-33

flags, failover5-24

Flash memory5-39

persistent data file4-6

write configuration to9-32

Flood Defender5-40

floodguard command5-40

Frag Guard8-41

fragmentation8-41

fragment command5-41

FTP5-33

full duplex6-9

G

generating RSA key pairs4-5

global IP addresses, associating network with7-7

global lifetimes9-29

GRE4-26

group filtering5-32

H

H.2255-36

H.245 tunneling5-36

H.3235-33, 5-36, 8-40, 9-6

hardware

address3-34

ID6-9

speed6-9

hello packets for failover polling5-25

help command6-4

host, SNMP8-28

hostname command6-5

HTTP5-33

copying files4-33

HTTPS

using to copy files4-33

I

ICMP message types6-8

ICMP redirection3-27, 6-8

ICMP trace5-6

IDENT8-1

IDS6-17

IGMP6-8, 7-2

igmp subcommand6-8

IKE Mode Configuration4-48

information-reply3-28, 6-8

information-request3-28, 6-8

intercept, TCP8-37

interface

buffer allocation6-10

command6-9

Interrupt vector, interface cards6-10

Intrusion Detection System6-17

ip address command6-14

ip audit command6-17

IP Frag Guard8-46

IPSec access lists3-24, 3-28

ipsec-isakmp option4-50

ipsec-manual option4-50

ip verify reverse-path command6-21

isakmp keepalive6-25

K

keepalive6-25

key, authentication3-16

kill command6-31

L

LDAP (Lightweight Directory Access Protocol)4-6, 5-34

line protocol up and down6-10

link up and link down6-10

literal names2-3

local-host8-13

location, SNMP8-28

logging command6-32

logging facilities6-33

M

MAC address3-34, 6-10

mail agents and newsreaders3-7

Mail Guard5-38

mask-reply3-28, 6-8

mask-request3-28, 6-8

MD5 encryption, RIP version 27-39

media timer9-6

memory, OS and free8-15

message types, ICMP6-8

mobile redirection3-28, 6-8

mroute command7-1

MTU6-10

mtu command7-2, 7-3

multicast command7-2, 7-3

igmp subcommand7-2

subcommands6-8

multicast routing7-3

multiple PATs6-3

N

N2H29-10, 9-11, 9-12, 9-13

nameif command7-6

nat command7-7

net alias3-33

NetRanger6-17

Network Address Translation (NAT), See nat command

norandomseq7-8, 8-36

O

object-group7-14

object grouping

services7-14

obtaining an updated CRL4-4

Oracle SQL*Net5-5

P

packets, received and sent6-10

packet trace5-4

pager command7-25

parameter-problem3-28, 6-8

passwd command7-26

password, default5-18

PAT (Port Address Translation)5-37, 6-2, 6-3

PDM7-27

physical address3-35

ping and ICMP trace5-5

ping command7-33

pings and AAA3-14

PIX Device Manager (PDM)

showing PDM sessions7-28

PIX Firewall

monitoring performance7-32

reboot and reload7-37

PIX Firewall Manager, set password7-26

PKI protocol4-6, 4-18

polling, failover5-25

port, outbound7-21

PORT command, FTP5-36

port literal names2-3

portmapper4-26

PPPoE

configuration9-21

enabling6-16

example9-22

implementation9-18

PPTP4-26

pre-shared key9-29

privileged mode, start5-17

privilege levels7-34

prompt host name label6-5

protocols2-5, 5-33

proxy servers5-37

Q

querying a certificate or CRL4-6

quit command7-36

R

RADIUS3-1, 3-3, 3-8, 3-25

RAS5-36

redirection

ICMP3-27, 4-25, 6-8

mobile3-28, 6-8

Related Documentationxi

reload command7-37

remote VPN client4-48

rip command7-38

RIP version 27-38

route command7-40

router, in PIX Firewall8-4

router-advertisement3-27, 4-25, 6-8

router-solicitation3-27, 6-8

RPC

conduit4-26

slot9-6

RSA public key record4-3

RSH5-33

S

screen paging, enabling or disabling7-25

security level

assigning7-6

defaults7-7

serial number4-5

server

AAA4-48

syslog8-41

TFTP9-32

service command8-1

session command8-4

Session initiation protocol (SIP)5-37

show3-36

aaa3-1, 3-4, 3-11, 3-15, 3-16, 9-12

aaa-server3-16

access-group3-19

access-list3-21

alias3-32

arp3-34

arp timeout3-34

auth-prompt3-36

blocks8-7

ca certificate4-1

ca configure4-1

ca identity4-1

checksum8-8

local-host8-13

show command2-1, 8-5

show conn command8-9

show history command8-12

showing

object groups7-14

show interface command6-9

show ip command6-14

show local-host command8-13

show memory command8-15

show processes command8-15

show running-config8-16

show startup-config8-18

show tech-support command8-20

show traffic command8-20

show version command8-23

show who command9-31

shutdown option to interface command6-10

signatures6-17

SIP5-37

fixup prococol command5-37

media timer9-6

show conn command display8-9

timeout command9-6

SMTP5-33

SNMP

contact, location, and host8-28

object ID (OID)8-29

snmp-server command8-28

source-quench message type3-27, 4-25, 6-8

SPI4-39, 4-43, 4-55

Split tunnel, VPN9-29

SQL*Net5-5, 5-33

ssh command8-31

static command8-31, 8-38

supported commands2-5

support for Cisco VPN 3000 Client9-27

SYN attacks8-37

syslog3-27

syslog command8-41

syslog messages6-35

sysopt command6-31, 8-41

sysopt connection permit-ipsec command8-42

sysopt ipsec pl-compatible command8-43

T

TACACS+3-1, 3-3, 3-8, 3-11

TCP

maximum segment size8-41

port literals2-3

randomizing packet sequence number7-8

TCP Intercept8-37

TCP intercept feature8-37

Telnet

console debugging5-6

icmp trace5-6

set password7-26

terminating6-31

timeout feature9-2

Trace Channel5-6

terminal command9-4

TFTP

configuration4-29, 9-32

server9-5

tftp-server command9-5

TIME_WAIT state8-42

time-exceeded3-27, 4-25, 6-8

timeout command9-6

timestamp-reply3-28, 6-8

timestamp-request3-28, 6-8

time stamps6-34

token-based authentication4-48

trace ICMP, SQL*Net, and packets5-5

translation slots, UDP, RPC, and H.3239-7

translations of addresses7-8

TurboACL3-26

U

UDP

idle time until slot is freed9-6

port literals2-3

portmapper4-26

unicast RPF6-9

unicast RPF IP spoofing protection6-21

unreachable, ICMP type3-27, 6-8

URL

caching9-10

filtering5-30, 9-10, 9-13

url-cache command9-10

UR license5-24

url-server command9-11

user authentication, authorization, and accounting, providing3-1, 3-3

username filtering5-32

V

vendor-specific access list identifiers3-25

version 2 RIP7-38

Voice over IP (VoIP)5-37

fixup5-36

proxy servers5-37

VPN9-27

group password9-29

pre-shared key9-29

split tunnel9-29

vpnclient server command9-26

vpngroup command9-27

W

Websense5-32, 9-10, 9-11, 9-12, 9-13

who command9-31

write command9-31

X

XDMCP Support5-22

xlate (translation slot)9-6