1-26
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the ASA to Integrate with Cisco TrustSec
Monitoring the ASA Integrated with Cisco TrustSec
Marketing 1 unicast
Engineering 123 unicast (reserved)
Finance 44 multicast
Payroll 54321 multicast (reserved)
Monitoring Cisco TrustSec IP-SGT Mappings
This section contains the following topics about monitoring Cisco TrustSec IP-SGT mappings:
• To display IP-SGT Manager entries in the control plane, page 1-26
• To display IP-SGT mappings learned via SXP, page 1-27
• To display the IP-SGT mappings database in the datapath, page 1-29
To display IP-SGT Manager entries in the control plane
Syntax:
show cts sgt-map [address ip_address|[ipv4|ipv6]] [sgt value] [name sg_name]
[brief|detail]
Description:
This command displays the active IP-SGT mappings consolidated from SXP. Include the detail keyword
to display more information, such as the security group names with the SGT values (included brackets).
If a security group name is not available, only the SGT value is displayed without the bracket.
Output:
This example shows IP-SGT mappings that have IPv6 addresses:
hostname# show cts sgt-map ipv6
Active IP-SGT Bindings Information
IP Address SGT Source
============================================================
3330::1 17 SXP
FE80::A8BB:CCFF:FE00:110 17 SXP
IP-SGT Active Bindings Summary
============================================
address ip_address Displays IP-SGT mappings that match the specified IPv4 or IPv6
address.
ipv4 | ipv6 Displays IPv4 or IPv6 mappings. By default, only IPv4 mappings
are displayed.
sgt value Displays IP-SGT mappings that match the specified SGT.
name sg_name Displays IP-SGT mappings that match the specified security group
name.
brief Displays the summary.
detail Displays details, such as the security group name.
To Next Page
Loading...
Need help?
General
