Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
420
Views
0
Helpful
3
Replies

PIX status monitoring

jksnook
Level 1
Level 1

‎05-17-2005 07:03 AM - edited ‎02-21-2020 12:08 AM

Does anyone know of a good way to review what traffic is going where within a PIX 501? I am specifically looking for a way to review the traffic that has gone inbound and outbound of our network in the last 8 hours.

Thanks,

Jason

0 Helpful
3 Replies 3

jmia
Level 7
Level 7

‎05-17-2005 07:21 AM

Jason,

You can use pix syslog, you'll find a copy of it on the CD that came with your pix!

Hope this helps.

Jay

0 Helpful

jksnook
Level 1
Level 1
In response to jmia

‎05-17-2005 07:25 AM

Thank you, Can you tell me what level I should set syslog to? Also is there a way in the syslog server to only view allowed inbound/outbound traffic?

0 Helpful

paddyxdoyle
Level 6
Level 6

‎05-17-2005 07:24 AM

If you haven't already got something in place to do this then it sounds like your only option is using the built in logging function on the PIX.

From the console the command is "show logging"

You can set up the logging function to log to an external syslog server if you have one or locally to the PIX, kiwi (http://www.kiwisyslog.com/) and 3cdaemon are freeware syslog servers that run on Windows

.

How to configure a PIX to sylog:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094030.shtml

Other than this, the PIX has an inbuilt packet sniffer which can be configured using the "capture" command:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a6.html#wp1053548

Or if you have cisco routers on one or either side of your PIX you could configure Netflow which will allow you to view:

• Source and destination IP address

• Source and destination TCP/User Datagram Protocol (UDP) ports

• Type of service (ToS)

• Packet and byte counts

• Start and end timestamps

• Input and output interface numbers

• TCP flags and encapsulated protocol (TCP/UDP)

• Routing information (next-hop address, source autonomous system (AS) number, destination AS number, source prefix mask, destination prefix mask)

(http://www.cisco.com/warp/public/732/Tech/nmp/netflow/index.shtml)

Good luck!

Paddy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card