07-22-2013 07:01 AM - edited 03-11-2019 07:15 PM
Hi all
When adding a PAT rule on my ASA to PAT to the outside IP of my firewall for internet traffic, I'm just monitoring the logs whilst users go on the internet. It appears that I don't see the actual destination they are trying to get to but the IP of the interface I am translating to. Is this right? I would expect to see the real IP of the websites they are going to.
cheers
Carl
07-22-2013 07:11 AM
Hi,
If the ASA "logging" configuration hasn't been used to disable or change the level of some Syslog messages, and provided that your ASA is set to log at the correct level, THEN you should be seeing both the messages that indicate the building and teardown of a connection through the ASA. You would also be seeing the building and teardown messages of the translations for those connections.
So you could start by checking your "logging" configuration with the command
show run logging
This should tell us if the logging levels are appropriate and that the log message IDs that you are looking for haven't been disabled or their level hasn't been changed.
- Jouni
07-22-2013 07:28 AM
Hi
I am seeing the logs fine, but the destination I'm seeing is the outside of my interface and not the real web site IP they are going to.
Any ideas?
07-22-2013 07:33 AM
Hi,
Well, usually if you see a log message that states your public IP address as the destination then you are looking at a log message about the translation, not about the actual connection.
As an example, one connection/translation build from my own ASA (with changed IP addresses, of course):
%ASA-6-305011: Built dynamic TCP translation from any:10.0.0.100/46064 to WAN:1.1.1.1/46064
%ASA-6-302013: Built outbound TCP connection 4585 for WAN:2.2.2.2/443 (2.2.2.2/443) to LAN:10.0.0.100/46064 (1.1.1.1/46064)
Where
- Jouni
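Added example, not part of the original thread: a short Python script that pairs each 302013 connection message with the 305011 translation message it used, so the real destination can be read next to the PAT address. The regular expressions are modelled only on the two sample lines quoted above, and the function name `correlate` and the extra log lines are constructed for illustration.

```python
import re

# Patterns are modelled on the two sample messages quoted in the post above.
XLATE = re.compile(
    r"%ASA-6-305011: Built dynamic (?:TCP|UDP) translation from "
    r"\S+?:(?P<real>[\d.]+/\d+) to \S+?:(?P<mapped>[\d.]+/\d+)")
CONN = re.compile(
    r"%ASA-6-302013: Built outbound TCP connection (?P<id>\d+) for "
    r"\S+?:(?P<dst>[\d.]+/\d+) \([\d.]+/\d+\) to "
    r"\S+?:(?P<client>[\d.]+/\d+) \((?P<mapped>[\d.]+/\d+)\)")

def correlate(lines):
    """Pair each outbound connection with the PAT translation it used."""
    xlates = {}   # mapped ip/port -> real client ip/port (from 305011)
    flows = []
    for line in lines:
        m = XLATE.search(line)
        if m:
            # 305011 only names the client and the firewall's PAT address.
            xlates[m["mapped"]] = m["real"]
            continue
        m = CONN.search(line)
        if m:
            flows.append({
                "conn_id": int(m["id"]),
                "client": m["client"],
                "translated_to": m["mapped"],
                "destination": m["dst"],   # the real remote IP/port
                "xlate_logged": xlates.get(m["mapped"]) == m["client"],
            })
    return flows

# First two lines are the samples from the post; the rest are constructed.
SAMPLE = [
    "%ASA-6-305011: Built dynamic TCP translation from any:10.0.0.100/46064 to WAN:1.1.1.1/46064",
    "%ASA-6-302013: Built outbound TCP connection 4585 for WAN:2.2.2.2/443 (2.2.2.2/443) to LAN:10.0.0.100/46064 (1.1.1.1/46064)",
    "%ASA-6-305011: Built dynamic TCP translation from any:10.0.0.101/51000 to WAN:1.1.1.1/51000",
    "%ASA-6-302013: Built outbound TCP connection 4586 for WAN:3.3.3.3/80 (3.3.3.3/80) to LAN:10.0.0.101/51000 (1.1.1.1/51000)",
    "%ASA-6-302013: Built outbound TCP connection 4587 for WAN:3.3.3.3/80 (3.3.3.3/80) to LAN:10.0.0.102/52000 (1.1.1.1/52000)",
]

if __name__ == "__main__":
    for f in correlate(SAMPLE):
        print(f"conn {f['conn_id']}: {f['client']} -> {f['destination']} "
              f"via {f['translated_to']} (xlate logged: {f['xlate_logged']})")
```

A flow with `xlate_logged` set to false means no matching 305011 line was present in the input, which is worth checking against the logging configuration.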
07-22-2013 09:15 AM
Hi,
Can you see the above type of messages logged for your connections on the ASA?
They should be showing if your logging is otherwise in default settings and the logging level is set to Informational at least.
- Jouni