Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
356
Views
0
Helpful
3
Replies

PIX Traffic Analyzation

sals
Level 1
Level 1

‎01-03-2006 10:58 AM - edited ‎02-21-2020 12:37 AM

There is a lot of traffic coming through the our PIX. Is there a command (like ip accounting) on the Pix so I can find out what this traffic is and were it is going

0 Helpful
3 Replies 3

sebastan_bach
Level 4
Level 4

‎01-03-2006 12:27 PM

hi if the traffic is flowing from the inside u can see the xlate table with the show xlate command

show conn will also show all the connection passing through the pix. u can also usea ethereal sniffer to see the traffic going towards the pix. hope this helps and if yes then pls rate it

sebastan

0 Helpful

pdayalu
Level 1
Level 1

‎01-03-2006 02:13 PM

Setup a syslog server to capture the output from the PIX based on what logging levels you have setup. (KIWI works well). You may need to experiment with the logging levels as the logs can get quite large quickly. Based on the levels, you can choose to output only critical or warning messages, or you can output debug to see everything (hope you have a lot of disk space).

0 Helpful

GW6
Level 1
Level 1

‎01-05-2006 03:13 PM

If it were me I would sniff the traffic and generate some TopN reports. Maybe you just have one host abusing the bandwidth...?

You can either capture the traffic on the PIX and export it or setup a sniffer to SPAN one of the interfaces. I prefer to use an external sniffer but you'd probably need local access to the equipment.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card