Heres a few PIX commands that may come in useful.
Performance / Usage
sh mem | Shows memory used and amount free |
sh cpu | Shows % of CPU used |
sh perfmon | Show the performance of various connections |
sh traffic | Show the traffic stats |
sh resource usage system | Shows the system utilization |
sh service-policy | Shows the amount dropped due to MFP |
sh asp drop | Shows drops |
sh asp table socket | Shows open sockets for PIX |
sh logging | i -1- | Shows severity 1 logs |
sh failover | i This | Show the failover status of node (Active/Standby) |
sh resource allocation | Show resource allocation |
sh run all | Show the running config in detail |
sh run all tcp-map | Show the tcp-map settings |
sh conn
| Shows the connection table
|
Misc
ctrl+shift+6 | cancels running process by user |
sh run | i (icmp|ssh) | shows any instances of icmp and ssh in the running config |
show run nat-control | show whether NAT control is enabled (security levels used) |
sysopt connection tcp-mss [mss_size] | change MSS size allowed through PIX |
test [command] | test a command |
help [command] | show additional help on a command |
vpnsetup | Help configuring commands for VPN (priv mode) |
show startup-config errors
| show startup errors
|
Protocol Inspection
sh run class-map | Show your current class-maps |
sh run policy-map | Show the policy-map |
sh run service policy | Show your service Policy
|
VPN
crypto map MAP 10 set phase1-mode aggressive | Configures VPN as aggressive mode |
sh vpn-sessiondb detail index <#> | Show the details for a VPN session entry |
Rick Donato is a Network Automation Architect/Evangelist and the founder of
Packet Coders.Latest posts by Rick Donato
(see all)Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial