Is it possible to log the xlates occuring in a PIX firewall so I can go back later and see what internal address mapped to a particular external address? We have our xlate time set rather high because of the high volume of use our students have on the network and the need to be good stewards of our address space. Yet now, I am having some locations indicating some possible port scanning going on. By the time these locations contact me the xlate has long since changed to a different user. Is there any way to log xlates by time and date either on the pix for so long or externally using CISCOWorks or something else?
You would need to set the logging level to 6 to get translation messages. If volumes are high keep an eye on memory and processor usage. Logging at that level for long periods of time will kill the performance at peak periods.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...