Posts Tagged ‘verification’


This is obviously a very short list. Remember, we recommend use of the Cisco Intrusion Prevention System Device Manager (IDM) for management and configuration of the device during the lab exam. While this graphical user interface (GUI) will be used for most tasks, there are still some useful and quick command line verification tasks for you here.


Initial Setup

more current-config
more current-config | include COMMAND
show interfaces
show version


show events
show os-identification
show settings
show settings terse | begin COMMAND
show statistics
show statistics SERVICE_NAME

Tags: , , , ,


Thanks to Anisha with Cisco Systems for this idea. We were in Brian McGahan’s CCIE Security 5 Day Bootcamp, and she realized it would be nice to have a Quick Ref of his troubleshooting/verification commands. There is a bazillion shows and debugs it seems, but you only need a subset to be successful in the lab. Here is the first part of the “cheat sheet”. The rest will follow in the respective categories in the blog. Please let me know via comment if you see errors or have additions. I added to Brian’s classroom commands with some of my own. I also took a few from the Cisco Press ASA All-In-One Guide. It is an excellent text for your Kindle!



debug radius
debug tacacs
show aaa-server protocol PROTOCOL_NAME
test aaa-server

Access Control Lists

show access-list
show run | include ACCESS_LIST_NAME
show run object-group
show run time-range

Application Inspection

show conn state STATE_TYPE detail
show service-policy

Configuring Interfaces

show firewall
show int
show int ip brief
show ip
show mode
show nameif
show run interface INTERFACE_NAME
show version

Connections and Translations

clear xlate
show conn
show conn detail
show local-host all
clear local-host all (clears all connections)
show log
show run | begin policy-map
show run global
show run nat
show xlate
test regex


debug fo rxip
debug fo txip
show failover
show ip

IP Routing

deug ospf event
debug rip
show ospf database
show ospf interface
show ospf neighbor
show ospf PROCESS_ID
show ospf virtual-links
show route


show igmp interface
show mroute
show pim interface
show pim neighbor


debug crypto ca messages
debug crypto ca transactions
show crypto ca certificates
show crypto ca crls
show crypto key mypubkey rsa

Quality of Service

show priority-queue statistics
show run class-map
show run policy-map
show service-policy global
show service-policy interface INTERFACE_NAME
show service-policy priority
show service-policy shape

Security Contexts

show admin-context
show context
show mode

System Management

show clock
show crypto key mypubkey rsa
show logging
show ntp status
show running-config
show snmp-server statistics
show ssh sessions
show startup-config

Transparent Firewall

debug arp-inspection
debug l2-indication
debug mac-address-table
show access-list
show arp-inspection
show conn
show firewall
show mac-address-table


debug crypto ipsec
debug crypto isakmp
show crypto ipsec sa
show crypto isakmp sa detail
show route


debug menu wbvpn
debug ssl cipher
show vpn-sessiondb summary
show vpn-sessiondb webvpn

Tags: , , , ,


CCIE Bloggers