I have a customer with a PIX 515 running 6.3. They have an appliance running a web server and they allow port 80 to a public IP. This is working but they want to log the actual IPs being used to access the web server. They have this currently:
access-list out_in permit tcp any host 188.8.131.52 eq https
access-list out_in permit tcp any host 184.108.40.206 eq https log
but this does not generate any syslog messages. I tried using log-input but it gives me an extra command arguement(s).
The customer doesn't have access to the external router so is there any way to record the IP addresses that are being allowed through this acl? The appliance has a log but it does not include this information and is not customizable.