We have placed a 515E on our network and we want to be able to log who was what external IP address (or PAT port) when. It seems like a feature that everyone would use, but for the life of me I cannot figure it out. Have set up syslog but it does not help: nothing, or too verbose (every TCP connection logged). Figured it is something simple that I am overlooking. Tried an SNMP walk but could not find this data this way either. Could make a cronjob user that can only get the xlate, but I am hoping there is a better way. Thanks for any help you can give... Scott
As Nadeem mentioned, these are level 6 messages in the 6.3 code. The problem with logging at level 6 (as you have seen) is that you get a *lot* of other info as well. If you are only interested in getting these 2 messages from the level 6 syslogs, you can change the default level they are given in the 6.3 code. For instance, let's say you normally just send level 3 and below messages to your syslog server. In the 6.3 code, you now have the option to assign syslog ID 305011 and 305012 as level 3 messages as well. This way, you get the info you need without overwhelming your syslog server with info you don't want. Here is a link that discusses this config parameter on the PIX:
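Once 305011 and 305012 reach the syslog server, the "who had which external IP/port when" question can be answered by pairing each Built line with its Teardown. The following is an added example, not part of the original thread or any Cisco tooling; the message layout is assumed from the usual format of these two IDs, and the log lines, host name and `year` parameter are constructed.

```python
import re
from datetime import datetime

# Constructed sample lines (not from the thread). The level digit is 3 because
# the reply suggests reassigning 305011/305012 to level 3; any digit is accepted.
SAMPLE = """\
Mar 10 09:15:02 pix515 %PIX-3-305011: Built dynamic TCP translation from inside:10.1.1.20/1045 to outside:192.0.2.10/2001
Mar 10 09:15:40 pix515 %PIX-3-305011: Built dynamic TCP translation from inside:10.1.1.31/3312 to outside:192.0.2.10/2002
Mar 10 09:16:02 pix515 %PIX-3-305012: Teardown dynamic TCP translation from inside:10.1.1.20/1045 to outside:192.0.2.10/2001 duration 0:01:00
Mar 10 09:20:00 pix515 %PIX-3-106023: Deny tcp src outside:198.51.100.7/4444 dst inside:10.1.1.20/80
"""

# Assumed layout: "<Built|Teardown> <dynamic|static> <proto> translation
# from <if>:<real>/<port> to <if>:<mapped>/<port>".
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) .*?%PIX-\d-(?P<id>30501[12]): "
    r"(?:Built|Teardown) \w+ (?P<proto>\w+) translation from "
    r"[^:\s]+:(?P<real>[\d.]+)/(?P<rport>\d+) to "
    r"[^:\s]+:(?P<mapped>[\d.]+)/(?P<mport>\d+)")

def build_table(text, year=2004):
    """Pair Built/Teardown lines; return (closed, still_open) translations."""
    still_open, closed = {}, []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # other syslog IDs are ignored
        # Classic syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["proto"], m["mapped"], int(m["mport"]))
        if m["id"] == "305011":
            still_open[key] = {"real": m["real"], "rport": int(m["rport"]),
                               "start": ts, "end": None}
        elif key in still_open:  # Teardown with no matching Built is skipped
            rec = still_open.pop(key)
            rec["end"] = ts
            closed.append((key, rec))
    return closed, still_open

def who_had(text, proto, mapped_ip, mapped_port, when, year=2004):
    """Return the inside address that held the mapped IP/port at `when`."""
    closed, still_open = build_table(text, year)
    for key, rec in closed + list(still_open.items()):
        if (key == (proto, mapped_ip, mapped_port) and rec["start"] <= when
                and (rec["end"] is None or when <= rec["end"])):
            return rec["real"]
    return None
```

A translation whose Teardown has not been logged yet is treated as still active, so a lost syslog datagram makes that mapping look longer-lived than it was.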