sh command for IP accounting

Unanswered Question
Sep 15th, 2008
User Badges:

Is there a command on the ASA to account for the activity of local host going to Public IP addresses, # of packet transmitted and the traffic in bytes? The ASA's outside interface does PAT. The equivalent is to enable 'ip accounting' on the ethernet interface of a router.

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
JORGE RODRIGUEZ Mon, 09/15/2008 - 18:56
User Badges:
  • Green, 3000 points or more

I you have ASA 5580 you can implement netflow

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/monitor.html#wp1099818


other than asa5580 model other ASA's don't yet support netflow,you can however implement netflow at your internet edge router and have netflow collector on the inside to capture flows, or even implement netflow on a router that is touching your ASA inside interface.



Rgds

Jorge


Actions

This Discussion