03-08-2007 01:18 AM - edited 03-11-2019 02:43 AM
Hi,
configured static NAT with the rules applied to it, i wanted to view the public IP users who is hitting my server residing behind the ASA with the private IP configured& accessing the specified port
Internet User ---->Internet Router----> ASA ------> All My Servers
rules i applied to access only webserver & ftp as an example.
My requirement is to view which public IP is using which webserver or ftp server ip address on which port.
eg. 1.1.1.1 ------->100.1.1.1---->192.168.1.1 port 21
1.1.1.1------>100.1.1.2----->192.168.1.2 port 80
where 1.1.1.1 is the internet user
100.1.1.1 & 100.1.1.2 is the my actual ftp server & web server, but configured on ASA to do a static NAT to 192.16.1.1 & 192.168.1.2
03-08-2007 02:15 AM
Enable logging, that would tell you the sequence of events, when and which ip address tried to access which host on the inside.
logging on
logging monitor 6
term mon
If ASA has lot of traffic flowing across, it is recommended to configure a syslog for the same, do not use monitor logging in that case.
-Kanishka
03-08-2007 06:50 AM
one more workaround to view the public ip addresses which are accessing your internal server is the command :
sh conn detail | grep
you'll see all the existing connections.
the connection detail give you the internet ip address accesisng the internal server,the port on which the connection is made ,the state of the ocnnection and the time too.
Please rate if this helps!!
Regards,
Sushil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide