I have a customer with a PIX 515 running 6.3. They have an appliance running a web server and they allow port 80 to a public IP. This is working but they want to log the actual IPs being used to access the web server. They have this currently:
access-list out_in permit tcp any host 126.96.36.199 eq https
access-list out_in permit tcp any host 188.8.131.52 eq https log
but this does not generate any syslog messages. I tried using log-input but it gives me an extra command arguement(s).
The customer doesn't have access to the external router so is there any way to record the IP addresses that are being allowed through this acl? The appliance has a log but it does not include this information and is not customizable.