Examining the PIX Security Appliance status

The show command enables the administrator to view command information. There are several show commands that display system information. Either show or ? can be used to view the names of the show commands and their descriptions. In general, show run plus a command displays a static screen. This typically shows the way that a parameter is configured. The show command plus a command displays a dynamically changing statistics screen. For example, show run interface displays how the interfaces are configured, a static screen. show interface displays a dynamic screen with numerous counters. 

Commonly Used  show  Commands
The show memory command displays a summary of the maximum physical memory, current used memory, and current free memory available to the PIX Security Appliance operating system.

The show cpu usage command displays CPU use.

Use the show version command to display the PIX Security Appliance software version, operating time since the last reboot, processor type, Flash memory type, interface boards, serial number, BIOS identification, and activation key value .

The show ip address command is used to view the IP addresses that are assigned to the network interfaces.

The show interface command is used to view network interface information. This is one of the first commands that should be used when trying to establish connectivity.

Use the show nameif command to view the named interfaces. In Figure , the first two interfaces have the default names inside and outside. The inside interface has a default security level of 100, and the outside interface has a default security level of 0. Ethernet2 is assigned a name of dmz with a security level of 50.

The  ping  Command
The ping command determines if the PIX Security Appliance has connectivity, or if a host is visible to the PIX on the network. By default, the ping command makes three attempts to reach an IP address.

If it is necessary to allow internal hosts to be able to ping external hosts, an ACL for echo reply is necessary. If pings through the PIX Security Appliance between hosts or routers are not successful, use the debug icmp trace command to monitor the success of the ping.

After the PIX Security Appliance is configured and operational, a ping sent to the inside interface of the PIX from the outside network or from the outside interfaces of the PIX will not be successful. If the inside networks can be pinged from the inside interface and the outside networks can be pinged from the outside interface, the PIX is functioning normally and the routes are correct.

The syntax for the ping command is shown in Figure .

The show run nat command to display a single host or range of hosts to be translated. In Figure , all hosts on the 10.0.0.0 network will be translated when traversing the PIX Security Appliance. The nat-id is 1.

The show run global command displays the global pools of addresses configured in the PIX Security Appliance. In Figure there is currently one pool configured. The pool is configured on the outside interface. The pool has an IP address range of 192.168.0.20 to 192.168.0.254. The nat_id is 1.

The show xlate command displays the contents of the translation slot. In Figure , the number of currently used translations is 1 with a maximum count of 1. The current translation is a local IP address of 10.0.0.11 to a global IP address of 192.168.0.20.

Lab Activity

Lab Exercise: Configuring the PIX Security Appliance using Setup Mode and ADSM Startup Wizard

In this lab activity, students will verify that the PIX Security Appliance and Student PC are properly cabled and set up. Students will learn to erase the current configuration of the PIX. Students will then configure basic settings using both the Interactive Setup mode and the ADSM Startup Wizard.

Lab Activity

Lab Exercise: Configure the PIX Security Appliance using CLI

In this lab exercise, students will learn to execute general PIX Security Appliance commands. Students will also configure the PIX Security Appliance inside and outside interfaces. Finally, students will test and verify basic PIX Security Appliance operation.

Lab Activity

e-Lab Activity: PIX Security Appliance show Commands

In this activity, the student will demonstrate how to use the show commands to learn about the configuration of the PIX Security Appliance.