-
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Command Reference, 3.1
-
About This Guide
-
Using the Command Line Interface
-
aaa accounting through accounting-server-group
-
activation-key through auto-update timeout
-
backup-servers through bridge-group
-
cache-time through clear capture
-
clear configure through clear configure virtual
-
clear console-output through clear xlate
-
client-access-rule through crl-configure
-
crypto ca authenticate through crypto map set trustpoint
-
debug aaa through debug xdmcp
-
default through drop
-
email through ftp-map
-
gateway through http-map
-
icmp through ignore lsa mospf
-
inspect ctiqbe through inspect xdmcp
-
interface through issuer-name
-
join-failover-group through kill
-
ldap-base-dn through log-adj-changes
-
logging asdm through logout
-
mac-address-table aging-time through multicast-routing
-
name through ospf transmit-delay
-
pager through pwd
-
quit through router-id
-
same-security-traffic through show asdm sessions
-
show asp drop through show curpriv
-
show debug through show ipv6 traffic
-
show isakmp sa through show route
-
show running-config through show running-config isakmp
-
show running-config logging through show running-config vpn-sessiondb
-
show service-policy through show xlate
-
shun through sysopt uauth allow-http-cache
-
telnet through tunnel-limit
-
upgrade-mp through write terminal
-
Table Of Contents
show running-config through show running-config isakmp Commands
show running-config aaa-server
show running-config aaa-server host
show running-config access-group
show running-config access-list
show running-config arp timeout
show running-config arp-inspection
show running-config auth-prompt
show running-config auto-update
show running-config command-alias
show running-config console timeout
show running-config crypto isakmp
show running-config crypto ipsec
show running-config crypto map
show running-config crypto dynamic-map
show running-config domain-name
show running-config established
show running-config group-delimiter
show running-config group-policy
show running-config interface bvi
show running-config ip address
show running-config ip local pool
show running-config ip verify reverse-path
show running-config through show running-config isakmp Commands
show running-config
To display the configuration that is running on the FWSM, use the show running-config command in privileged EXEC mode.
show running-config [all] [command]
Syntax Description
all
Displays the entire operating configuration, including defaults.
command
Displays the configuration associated with a specific command.
Defaults
If no arguments or keywords are specified, the entire non-default FWSM configuration displays.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
•
Command History
Usage Guidelines
The show running-config command displays the current running configuration on the FWSM.
You can use the running-config keyword only in the show running-config command. You cannot use this keyword with no or clear, or as a standalone command, because the CLI treats it as a nonsupported command. When you enter the ?, no ?, or clear ? keywords, a running-config keyword is not listed in the command list.
Note
Examples
This example show how to display the configuration that is running on the FWSM:
hostname# show running-config: Saved:FWSM Version 3.1(0)names!interface Ethernet0nameif testsecurity-level 10ip address 10.10.88.50 255.255.255.254!interface Ethernet1nameif insidesecurity-level 100ip address 10.86.194.176 255.255.254.0!interface Ethernet2shutdownno nameifsecurity-level 0no ip address!interface Ethernet3shutdownno nameifsecurity-level 0no ip address!interface Ethernet4shutdownno nameifsecurity-level 0no ip address!interface Ethernet5shutdownno nameifsecurity-level 0no ip address!enable password 8Ry2YjIyt7RRXU24 encryptedpasswd 2KFQnbNIdI.2KYOU encryptedhostname FWSMdomain-name example.comboot system flash:/cdisk.binftp mode passivepager lines 24mtu test 1500mtu inside 1500monitor-interface testmonitor-interface insideASDM image flash:ASDMno ASDM history enablearp timeout 14400route inside 0.0.0.0 0.0.0.0 10.86.194.1 1timeout xlate 3:00:00timeout conn 2:00:00 half-closed 1:00:00 udp 0:02:00 icmp 1:00:00 rpc 1:00:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00timeout uauth 0:00:00 absolutehttp server enablehttp 0.0.0.0 0.0.0.0 insideno snmp-server locationno snmp-server contactsnmp-server enable traps snmpfragment size 200 testfragment chain 24 testfragment timeout 5 testfragment size 200 insidefragment chain 24 insidefragment timeout 5 insidetelnet 0.0.0.0 0.0.0.0 insidetelnet timeout 1440ssh timeout 5console timeout 0group-policy todd internal!class-map inspection_defaultmatch default-inspection-traffic!!policy-map fwsm_global_fw_policyclass inspection_defaultinspect dnsinspect ftpinspect h323 h225inspect h323 rasinspect httpinspect ilsinspect mgcpinspect netbiosinspect rpcinspect rshinspect rtspinspect sipinspect skinnyinspect sqlnetinspect tftpinspect xdmcpinspect ctiqbeinspect cuseemeinspect icmp!terminal width 80service-policy fwsm_global_fw_policy globalCryptochecksum:bfecf4b9d1b98b7e8d97434851f57e14: endRelated Commands
show running-config aaa
To show the AAA configuration in the running configuration, use the show running-config aaa command in privileged EXEC mode.
show running-config aaa [accounting | authentication | authorization | mac-exempt | proxy-limit]
Syntax Description
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
—
Command History
1.1(1)
The show aaa command was introduced.
2.2(1)
The show aaa command was modified to support a LOCAL method.
3.1(1)
This command was changed from show aaa.
Examples
The following is sample output from the show running-config aaa command:
hostname# show running-config aaaaaa authentication match infrastructure_authentication_radiusvrs infrastructure radiusvrsaaa accounting match infrastructure_authentication_radiusvrs infrastructure radiusvrsaaa authentication secure-http-clientaaa local authentication attempts max-fail 16Related Commands
show running-config aaa-server
To display AAA server configuration, use the show running-config aaa-server command in privileged EXEC mode.
show running-config [all] aaa-server [server-tag] [(interface-name)]
Syntax Description
Defaults
Omitting the all keyword displays only the explicitly configured configuration values, not the default values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
—
—
•
Command History
1.1(1)
The show aaa-server command was introduced.
3.1(1)
This command was changed from show aaa-server.
Usage Guidelines
Use this command to display the settings for a particular server group. Use the all keyword to display default values as well as the explicitly configured values.
Examples
To display the running configuration for the default AAA server group, use the following command:
hostname(config)# show running-config default aaa-serveraaa-server group1 protocol tacacs+ accounting-mode simultaneousreactivation-mode depletion deadtime 10
max-failed-attempts 4
Related Commands
show running-config aaa-server host
To display AAA server statistics for a particular AAA server, use the show running-config aaa-server host command in global configuration or privileged EXEC mode.
show running-config [all] aaa-server server-tag [(interface-name)] host aaa-server-name
Syntax Description
Defaults
Omitting the all keyword displays only the explicitly configured configuration values, not the default values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
—
—
•
Global configuration
•
•
—
—
•
Command History
Usage Guidelines
Use this command to display the statistics for a particular server group. Use the all keyword to display default values as well as the explicitly configured values.
Examples
To display the running configuration for the server group svrgrp1, use the following command:
hostname(config)# show running-config all aaa-server svrgrp1Related Commands
show running-config aaa-server
Displays AAA server settings.
clear configure aaa
Removes the settings for all AAA servers across all groups.
show running-config access-group
To display the access group information, use the show running-config access-group command in privileged EXEC mode.
show running-config access-group
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
—
Command History
1.1(1)
This command was introduced.
3.1(1)
This command was changed from show access-group.
Examples
The following is sample output from the show running-config access-group command:
hostname# show running-config access-groupaccess-group 100 in interface outsideRelated Commands
access-group
Binds an access list to an interface.
clear configure access-group
Removes access groups from all the interfaces.
show running-config access-list
To display the access-list configuration that is running on the FWSM, use the show running-config access-list command in privileged EXEC mode.
show running-config [all] access-list [alert-interval | deny-flow-max]
show running-config [all] access-list id [saddr_ip]
Syntax Description
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
—
Command History
Usage Guidelines
The show running-config access-list command lets you display the current running access list configuration on the FWSM.
Examples
The following is sample output from the show running-config access-list command:
hostname# show running-config access-listaccess-list allow-all extended permit ip any anyRelated Commands
show running-config alias
To display the alias configuration, use the show running-config alias command in privileged EXEC mode.
show running-config [all] alias [interface_name]
Syntax Description
all
(Optional) Shows all commands, including the commands you have not changed from the default.
interface_name
(Optional) Shows the alias commands for the specified interface.
Defaults
This command has no default settings.
Command Modes
The following table shows the modes in which you can enter the command:
Global configuration
•
—
—
•
•
Command History
1.1(1)
This command was introduced.
3.1(1)
This command was changed from show alias.
Examples
This example shows how to display alias information:
hostname# show running-config aliasRelated Commands
show running-config arp
To show static ARP entries created by the arp command in the running configuration, use the show running-config arp command in privileged EXEC mode.
show running-config [all] arp
Syntax Description
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
—
Command History
Examples
The following is sample output from the show running-config arp command:
hostname# show running-config arparp inside 10.86.195.11 0008.023b.9893Related Commands
show running-config arp timeout
To view the ARP timeout configuration in the running configuration, use the show running-config arp timeout command in privileged EXEC mode.
show running-config [all] arp timeout
Syntax Description
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
—
Command History
1.1(1)
This command was introduced.
3.1(1)
This command was changed from show arp timeout.
Examples
The following is sample output from the show running-config arp timeout command:
hostname# show running-config arp timeoutarp timeout 20000 secondsRelated Commands
show running-config arp-inspection
To view the ARP inspection configuration in the running configuration, use the show running-config arp-inspection command in privileged EXEC mode.
show running-config [all] arp-inspection
Syntax Description
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
—
•
•
•
—
Command History
Examples
The following is sample output from the show running-config arp-inspection command:
hostname# show running-config arp-inspectionarp-inspection inside1 enable no-floodRelated Commands
show running-config asdm
To display the asdm commands in the running configuration, use the show running-config asdm command in privileged EXEC mode.
show running-config asdm [group | location]
Syntax Description
group
(Optional) Limits the display to the asdm group commands in the running configuration.
location
(Optional) Limits the display to the asdm location commands in the running configuration.
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
•
Command History
1.1(1)
This command was introduced (as show running-config pdm).
3.1(1)
This command was changed from the show running-config pdm command to the show running-config asdm command.
Usage Guidelines
To remove the asdm commands from the configuration, use the clear configure asdm command.
Note
Examples
The following is sample output from the show running-configuration asdm command:
hostname# show running-config asdmasdm history enablehostname#Related Commands
show running-config auth-prompt
To displays the current authentication prompt challenge text, use the show running-config auth-prompt command in global configuration mode.
show running-config [default] auth-prompt
Syntax Description
Defaults
Display the configured authentication prompt challenge text.
Command Modes
The following table shows the modes in which you can enter the command:
Global configuration
•
•
—
—
•
Command History
1.1(1)
The show auth-prompt command was introduced.
3.1(1)
This command was changed from show auth-prompt.
Usage Guidelines
After you set the authentication prompt, use the show running-config auth-prompt command to view the current prompt text.
Examples
This example shows the use of the show running-config auth-prompt command to show the authentication prompt configuration:
hostname(config)# show running-config auth-promptauth-prompt prompt Please sign in.auth-prompt accept Welcome. Unauthorized access strictly prohibited.auth-prompt reject Credentials invalid.hostname(config)#Related Commands
auth-prompt
Set the user authentication prompts.
clear configure auth-prompt
Reset the user authentication prompts to the default value.
show running-config auto-update
To display the auto-update commands in the running configuration, use the show running-config auto-update command in privileged EXEC mode.
show running-config [all] auto-update
Syntax Description
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
—
—
Command History
Examples
The following is sample output from the show running-configuration auto-update command:
hostname# show running-config auto-updateauto-update poll-period 1 1auto-update server http://10.1.1.1:1741/Related Commands
show running-config banner
To display the specified banner and all the lines that are configured for it, use the show running-config banner command in privileged EXEC mode.
show running-config banner [exec | login | motd]
Syntax Description
Defaults
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Privileged EXEC
•
•
•
•
•
Command History
