show security flow session ssl
Syntax
show security flow session ssl [brief | extensive]
Description
Display information about the active SSL sessions on the device.
Options
| brief | extensive | Display the specified level of output. |
Required Privilege Level
view
Output Fields
Table 1 lists
the output fields for the show security flow session ssl command. Output fields are listed in the approximate order in which
they appear.
Field Name |
Field Description |
Displayed with Option |
|---|---|---|
|
Number that identifies the session. You can use this ID to get additional information about the session. |
brief, extensive |
|
Status of the session. |
brief, extensive |
|
Policy that permitted the traffic. Name and ID of the policy that the first packet of the session matched. |
brief, extensive |
|
Idle timeout after which the session expires. |
brief, extensive |
|
Incoming flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
brief, extensive |
|
Reverse flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
brief, extensive |
|
Internal flag depicting the state of the session, used for debugging purposes. |
extensive |
|
The name of the source pool where NAT is used. |
extensive |
|
Name of the application. |
extensive |
|
Encryption applied. |
extensive |
|
Name of the application quality of service rule. |
extensive |
|
Maximum session timeout. |
extensive |
|
Remaining time for the session unless traffic exists in the session. |
extensive |
|
Status of security ssl session. |
extensive |
|
Time when the session was created, offset from the system start time. |
extensive |
|
Duration of the session |
extensive |
|
Incoming flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
extensive |
|
Reverse flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
extensive |
|
Total number of sessions. |
extensive |
Sample Output
show security flow session ssl brief
user@host> show security flow session ssl brief Output: Session ID: 1, Policy name: default-permit/5, Timeout: 1746, Valid In: 4.0.0.1/37369 --> 5.0.0.1/4433;tcp, Conn Tag: 0x0, If: xe-0/0/0.0, Pkts: 6, Bytes: 671, Out: 5.0.0.1/4433 --> 4.0.0.1/37369;tcp, Conn Tag: 0x0, If: xe-0/0/1.0, Pkts: 7, Bytes: 1635,
show security flow session ssl extensive
user@host> show security flow session ssl extensive Output: Session ID: 1, Status: Normal Flags: 0x42/0x20000000/0x2/0x10103 Policy name: 1/5 Source NAT pool: Null Dynamic application: junos:UNKNOWN, Encryption: Unknown Application traffic control rule-set: INVALID, Rule: INVALID Maximum timeout: 1800, Current timeout: 1636 Session State: Valid Start time: 587131, Duration: 163 In: 4.0.0.1/37369 --> 5.0.0.1/4433;tcp, Conn Tag: 0x0, Interface: xe-0/0/0.0, Session token: 0x7, Flag: 0x2621 Route: 0xa0010, Gateway: 4.0.0.1, Tunnel: 0 Port sequence: 0, FIN sequence: 0, FIN state: 0, Pkts: 6, Bytes: 671 Out: 5.0.0.1/4433 --> 4.0.0.1/37369;tcp, Conn Tag: 0x0, Interface: xe-0/0/1.0, Session token: 0x8, Flag: 0x2620 Route: 0xb0010, Gateway: 5.0.0.1, Tunnel: 0 Port sequence: 0, FIN sequence: 0, FIN state: 0, Pkts: 7, Bytes: 1635 Total sessions: 1
Release Information
Command introduced in Junos OS Release 19.3R1.