Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Logging wireless network traffic on an ASA 5510

Dear Cisco Experts :),


We have a wireless network for our guests. This network uses the firewall (an asa 5510) as gateway. Now we are looking for a way to log the following information

Mac Address  or IP client - Time/Date - Information (Url/ip/protocol logging)

Can this be done with an ASA? (i think so using netflow but i dont really understand how this work) Is there a way to safe to the log files to an external server - and do i need software to view to log files (if so does anyone know any software)?

I hope someone can give me a push in the right direction. Thanks in advance.

Sincerly,

Wouter

1 REPLY
VIP Purple

For that to achieve you need

For that to achieve you need a couple of steps:

  1. Enable http-inspection in your service-policy. With that the ASA will generate log-message 304001 which includes the accessed URL. But this will only work for HTTP, not for HTTPS as the ASA doesn't see the URL.
  2. Configure a syslog-server in your internal network. There are millions of servers available. If tail and grep are your preferred tool, then syslog-ng or rsyslog are good servers. There are also commercial servers available from many vendors. Many have graphical user interfaces.
  3. Send log to the configured syslog-server.

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
36
Views
0
Helpful
1
Replies
CreatePlease login to create content