Sessions Behind PIX

imranraheel · ‎04-29-2008

I have 10 servers behind pix running multiple applications and clients are connected to them only when i allow there IP . But i want to manage a log file so every 1 passing PIX will be logged is there any way to do this. Is it possible using SYSLog

rkazmierczak · ‎04-29-2008

I am not sure what reason for that is but if want to know who and when is accessing the server, you could use authentication proxy on the pix.

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/fwaaa.html#wp1043431

Rafal

imranraheel · ‎04-29-2008

basically one of the user is not been able to connect to a port , so i want to verify weather he is reachinging the server or is blocked on firewall

rkazmierczak · ‎04-29-2008

for this kind of troubleshooting I would use either traffic capture on the PIX or even a sniffer (e.g. wireshark). You can SPAN the port on the switch and filter the traffic capture by ip address.

On the pix you can also use sh local-host command, but that info would guarantee that all is working OK.

imranraheel · ‎04-29-2008

Is there any other why through which i can monitor the IP's. Using SYSlog etc