Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Log reporting tool recommendations?

All,

I've inherited a network with over 20 sites using PIX ver 6.X and 7.X as the border firewalls. All the VPN's between the sites are wide open and I need to lock them down. I have several months worth of syslogs. Can anyone recommend a tool that can report on the syslogs which ports are being used on which which VPN's? Preferably if they could analyze the syslog files.

thanks

4 REPLIES
Gold

Re: Log reporting tool recommendations?

For a onetime effort like this, I would recommend putting the files on a unix/linux box and using find/grep/awk.

Re: Log reporting tool recommendations?

New Member

Re: Log reporting tool recommendations?

While I agree there are a lot of options out there (I have looked) I was asking for recommendations. What I really am looking for it ones that are able to present results on the IP ranges in the VPN config.

what I need is a tool that can identify matching IP's in the subnets used by the VPN ACL (ie 192.168.1.1 is part of the 192.168.1.0/24 range) I have a large amount of subnets carved up in various sub classes so searching for say 192.168.1 would not cut it. The nearest I found was managenegine's offering but it did not seem to work with all subnets.

many thanks

New Member

Re: Log reporting tool recommendations?

Hi,

I am posting this with a disclaimer that I am part of ManageEngine offerings.

I believe Firewall Analyzer has filters that supports IPRange/CIDR. Hence your requirement could be easily achievable with that.

May be http://forums.adventnet.com/viewforum.php?f=61

would help you further.

regards,

MSK

138
Views
0
Helpful
4
Replies
CreatePlease login to create content