Cisco Support Community
Community Member

PIX Traffic Analyzation

There is a lot of traffic coming through the our PIX. Is there a command (like ip accounting) on the Pix so I can find out what this traffic is and were it is going

Community Member

Re: PIX Traffic Analyzation

hi if the traffic is flowing from the inside u can see the xlate table with the show xlate command

show conn will also show all the connection passing through the pix. u can also usea ethereal sniffer to see the traffic going towards the pix. hope this helps and if yes then pls rate it


Community Member

Re: PIX Traffic Analyzation

Setup a syslog server to capture the output from the PIX based on what logging levels you have setup. (KIWI works well). You may need to experiment with the logging levels as the logs can get quite large quickly. Based on the levels, you can choose to output only critical or warning messages, or you can output debug to see everything (hope you have a lot of disk space).

Community Member

Re: PIX Traffic Analyzation

If it were me I would sniff the traffic and generate some TopN reports. Maybe you just have one host abusing the bandwidth...?

You can either capture the traffic on the PIX and export it or setup a sniffer to SPAN one of the interfaces. I prefer to use an external sniffer but you'd probably need local access to the equipment.

CreatePlease to create content