Seeing real IP vs. my firewall IP in apache/mail logs

Unanswered Question
Sep 14th, 2007

I am currently using PAT to get outside web/email traffic to an inside host on my ASA 5505. All is working accept the only issue is that when I look at my web/email logs all connections are showing as coming from the ASA public IP address. Is there anyway to get around this besides setting up a dmz?

I guess I could go dmz on one of the servers but web/email are on separate hosts. So, that's not really an option.

Would love any solutions on this!

TIA, Kevin

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
htarra Thu, 09/20/2007 - 11:10

I think you have configured statics on the firewall use the same IP addresses that are configured for NAT. If the problem does occur again I would need the following information:-

- The "show xlate" output from the PIX

- The "show arp" output from the PIX

- The IP address and MAC addresses of the servers and hosts having problems

- A network diagram

- The MAC address of the PIX interfaces

kcaporaso Thu, 09/20/2007 - 11:18


Actually, once I got everything configured properly things look great now!

Sorry I didn't come back to update this open ticket. Thanks for your response though!


This Discussion