How to view NATting on ASA 5510?

Anand Narayana · ‎03-08-2007

Hi,

configured static NAT with the rules applied to it, i wanted to view the public IP users who is hitting my server residing behind the ASA with the private IP configured& accessing the specified port

Internet User ---->Internet Router----> ASA ------> All My Servers

rules i applied to access only webserver & ftp as an example.

My requirement is to view which public IP is using which webserver or ftp server ip address on which port.

eg. 1.1.1.1 ------->100.1.1.1---->192.168.1.1 port 21

1.1.1.1------>100.1.1.2----->192.168.1.2 port 80

where 1.1.1.1 is the internet user

100.1.1.1 & 100.1.1.2 is the my actual ftp server & web server, but configured on ASA to do a static NAT to 192.16.1.1 & 192.168.1.2

kaachary · ‎03-08-2007

Enable logging, that would tell you the sequence of events, when and which ip address tried to access which host on the inside.

logging on

logging monitor 6

term mon

If ASA has lot of traffic flowing across, it is recommended to configure a syslog for the same, do not use monitor logging in that case.

-Kanishka

suschoud · ‎03-08-2007

one more workaround to view the public ip addresses which are accessing your internal server is the command :

sh conn detail | grep

you'll see all the existing connections.

the connection detail give you the internet ip address accesisng the internal server,the port on which the connection is made ,the state of the ocnnection and the time too.

Please rate if this helps!!

Regards,

Sushil