blog
    CCIE Security 2.X Verific ...
    28 September 08

    CCIE Security 2.X Verification Commands "Cheat Sheet"

    Posted byINE
    facebooktwitterlinkedin
    news-featured

    Thanks to Anisha with Cisco Systems for this idea. We were in Brian McGahan's CCIE Security 5 Day Bootcamp, and she realized it would be nice to have a Quick Ref of his troubleshooting/verification commands. There is a bazillion shows and debugs it seems, but you only need a subset to be successful in the lab. Here is the first part of the "cheat sheet". The rest will follow in the respective categories in the blog. Please let me know via comment if you see errors or have additions. I added to Brian's classroom commands with some of my own. I also took a few from the Cisco Press ASA All-In-One Guide. It is an excellent text for your Kindle!

    PIX/ASA 7.2

    AAA

    debug radius
    debug tacacs
    show aaa-server protocol PROTOCOL_NAME
    test aaa-server

    Access Control Lists

    show access-list
    show run | include ACCESS_LIST_NAME
    show run object-group
    show run time-range

    Application Inspection

    show conn state STATE_TYPE detail
    show service-policy

    Configuring Interfaces

    show firewall
    show int
    show int ip brief
    show ip
    show mode
    show nameif
    show run interface INTERFACE_NAME
    show version

    Connections and Translations

    clear xlate
    show conn
    show conn detail
    show local-host all
    clear local-host all (clears all connections)
    show log
    show run | begin policy-map
    show run global
    show run nat
    show xlate
    test regex

    Failover

    debug fo rxip
    debug fo txip
    show failover
    show ip

    IP Routing

    deug ospf event
    debug rip
    show ospf database
    show ospf interface
    show ospf neighbor
    show ospf PROCESS_ID
    show ospf virtual-links
    show route

    Multicast

    show igmp interface
    show mroute
    show pim interface
    show pim neighbor

    PKI

    debug crypto ca messages
    debug crypto ca transactions
    show crypto ca certificates
    show crypto ca crls
    show crypto key mypubkey rsa

    Quality of Service

    show priority-queue statistics
    show run class-map
    show run policy-map
    show service-policy global
    show service-policy interface INTERFACE_NAME
    show service-policy priority
    show service-policy shape

    Security Contexts

    show admin-context
    show context
    show mode

    System Management

    show clock
    show crypto key mypubkey rsa
    show logging
    show ntp status
    show running-config
    show snmp-server statistics
    show ssh sessions
    show startup-config

    Transparent Firewall

    debug arp-inspection
    debug l2-indication
    debug mac-address-table
    show access-list
    show arp-inspection
    show conn
    show firewall
    show mac-address-table

    VPNs

    debug crypto ipsec
    debug crypto isakmp
    show crypto ipsec sa
    show crypto isakmp sa detail
    show route

    WebVPN

    debug menu wbvpn
    debug ssl cipher
    show vpn-sessiondb summary
    show vpn-sessiondb webvpn

    Hey! Don’t miss anything - subscribe to our newsletter!

    © 2022 INE. All Rights Reserved. All logos, trademarks and registered trademarks are the property of their respective owners.
    Terms of servicePrivacy policy
    instagram Logofacebook Logotwitter Logolinkedin Logoyoutube Logo