Diagnostic Commands and Tools
The importance of the show commands cannot be overemphasized for troubleshooting FWSM. Under some rare circumstances, you may require to run the debug commands. Details about the show and debug commands are discussed in the following sections.
Show Commands
show commands on both the switch side and the FWSM side are important for diagnosing problems with FWSM. As the FWSM is a multi-processor system, much information cannot be viewed on the Control Plane; it can be viewed and interpreted only with the show command. This section shows you how to use some of the show commands on switches and on the FWSM.
show Commands on the Switch
The following list summarizes the use of show commands on a switch:
-
show command for module installation verification
show module This command is used to verify the installation of the FWSM module on the switch. You can find out if the module is coming online or not, and view the status information. This is a very important first-hand command to diagnose any HW-related issue with the FWSM blade. You can find the slot number, which can be used to session into the blade.
-
show command for firewall VLAN mappings verification on the switch
show firewall Use this command, with additional arguments, to find VLAN mappings that are configured on the switch to the firewall modules so that the VLANs can be downloaded and used by the FWSM. Example 4-3 shows the VLAN mappings in Native IOS.