cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
373
Views
4
Helpful
6
Replies

user logging with NAT

cebetant
Level 1
Level 1

IS their a way to have logs on end user activity with a one arm design using source IP NAT.

On the end systems all connections comes from this NAT address.

6 Replies 6

pknoops
Level 3
Level 3

What type of hardware are we talking about here. CSM, CSS ?

CSS

There is no way to log end user activity except with the use of specific ACL's where you could keep track of how many hits a particular, very specific, ACL gets hit when using source/dest ip's in it. This is probably not really feasible, but the only way possible at this point on the CSS.

Regards

Pete..

Bad news... You ask the first question because CSM could do it in some way?

No, the CSM does not do it either, but the ACL option is not available in the CSM, so I did not want to mix things up.

Regards

Pete..

The CSM has the HTTP header insert function that let's you insert the original client ip address into the HTTP header.

HTTP servers can then extract this value to determine the origin.

Regards,

Gilles.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: