Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How can I know who telnetting to the PIX Fw?

Hi Guys,

ANyway to check who did telnetting to the PIX firewall , something like a log for the user login?

OR any way I can check if some changes being done by this account at certain time?

TIA.

ken

1 ACCEPTED SOLUTION

Accepted Solutions

Re: How can I know who telnetting to the PIX Fw?

Hi,

sure enable logging informational to the buffer or an external syslog server .. you can find freewares on the web such as kiwy Cat tools http://www.kiwisyslog.com/index.php

Refer to the PIX command reference for instructions on how to set up logging to a host

http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094885.shtml

A brief example is below

logging on

logging trap informational

logging host [interface] ip_address where interface is the interface behind which the syslog server is located and 'ip-address' is the address of the server. NOTE: by default syslog messages use UDP 514 and so make sure you configure that on the syslog server.

Alternatively you can send syslogs to the PIX buffer by entering

logging buffered informational

These logs will be temparary stored on the PIX until the next reboot or the buffer size fills up in whcih case the old events will be overwritten.

to view the events stored on te local buffer type in 'show logging' andlook for events number

111008

605005

111002

I hope it helps .. please rate it if it does !!!

2 REPLIES

Re: How can I know who telnetting to the PIX Fw?

Hi,

sure enable logging informational to the buffer or an external syslog server .. you can find freewares on the web such as kiwy Cat tools http://www.kiwisyslog.com/index.php

Refer to the PIX command reference for instructions on how to set up logging to a host

http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094885.shtml

A brief example is below

logging on

logging trap informational

logging host [interface] ip_address where interface is the interface behind which the syslog server is located and 'ip-address' is the address of the server. NOTE: by default syslog messages use UDP 514 and so make sure you configure that on the syslog server.

Alternatively you can send syslogs to the PIX buffer by entering

logging buffered informational

These logs will be temparary stored on the PIX until the next reboot or the buffer size fills up in whcih case the old events will be overwritten.

to view the events stored on te local buffer type in 'show logging' andlook for events number

111008

605005

111002

I hope it helps .. please rate it if it does !!!

New Member

Re: How can I know who telnetting to the PIX Fw?

Thanks Fernando ! It is really useful..:D

Rated 5 for you..;)

159
Views
0
Helpful
2
Replies
CreatePlease login to create content