When working with fwpolicies and for testing new applications, it's proper to use the diag system session command from the cli .
In some case, you might have a new Application that needs close monitoring or want to validate that sessions are indeed up and for a extended time.
By using the filter option and with the diagnostic sys session command you can find those sessions and with other attributes ( src dst port policyid# ) you can confirm or dis-confirm issues that might be drive by firewall or applications.
e.g
the above has a filter option for 900-24400 seconds and any traffic that matches that duration would be presented
You can set other values to drill in on traffic of interest.
Ken
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment