04-29-2008 11:01 AM - edited 02-21-2020 02:00 AM
I have 10 servers behind a PIX running multiple applications, and clients are connected to them only when I allow their IP. But I want to manage a log file so that everyone passing the PIX will be logged. Is there any way to do this? Is it possible using syslog?
04-29-2008 11:42 AM
I am not sure what the reason for that is, but if you want to know who is accessing the server and when, you could use authentication proxy on the PIX.
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/fwaaa.html#wp1043431
Rafal
04-29-2008 11:58 AM
Basically, one of the users is not able to connect to a port, so I want to verify whether he is reaching the server or is blocked on the firewall.
04-29-2008 12:35 PM
For this kind of troubleshooting I would use either traffic capture on the PIX or even a sniffer (e.g. Wireshark). You can SPAN the port on the switch and filter the traffic capture by IP address.
On the PIX you can also use the sh local-host command, but that info would guarantee that all is working OK.
04-29-2008 01:10 PM
Is there any other way through which I can monitor the IPs? Using syslog, etc.
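For the question raised in this thread (is the client reaching the server, or is it blocked on the firewall), the following is an added example, not part of any post above. It assumes the PIX is already sending syslog at informational level to a collector, relies on the standard connection-built (302013) and ACL-deny (106023) messages, and runs over constructed sample lines; the function name and addresses are hypothetical.

```python
import re

# Constructed sample lines in PIX syslog format (documentation address ranges).
SAMPLE_LOG = """\
Apr 29 2008 12:01:10 pix1 %PIX-6-302013: Built inbound TCP connection 4101 for outside:198.51.100.20/40112 (198.51.100.20/40112) to inside:10.1.1.5/8080 (192.0.2.5/8080)
Apr 29 2008 12:01:14 pix1 %PIX-4-106023: Deny tcp src outside:203.0.113.7/51234 dst inside:10.1.1.5/8080 by access-group "outside_in"
Apr 29 2008 12:01:15 pix1 %PIX-4-106023: Deny tcp src outside:203.0.113.7/51235 dst inside:10.1.1.5/8080 by access-group "outside_in"
Apr 29 2008 12:02:00 pix1 %PIX-6-302014: Teardown TCP connection 4101 for outside:198.51.100.20/40112 to inside:10.1.1.5/8080 duration 0:00:50 bytes 5120 TCP FINs
"""

# 302013 (severity 6): the firewall permitted and built an inbound TCP connection.
BUILT = re.compile(
    r"%(?:PIX|ASA)-6-302013: Built inbound TCP connection \d+ for "
    r"\S+?:(?P<src>[\d.]+)/\d+ \(\S+\) to \S+?:(?P<dst>[\d.]+)/(?P<dport>\d+)")
# 106023 (severity 4): the packet was dropped by an access-group ACL.
DENY = re.compile(
    r"%(?:PIX|ASA)-4-106023: Deny \w+ src \S+?:(?P<src>[\d.]+)/\d+ "
    r"dst \S+?:(?P<dst>[\d.]+)/(?P<dport>\d+)")

def firewall_verdict(log_text, client_ip, server_ip, port):
    """Return (verdict, built_count, denied_count) for one client/server/port."""
    counts = {"built": 0, "denied": 0}
    for line in log_text.splitlines():
        for kind, rx in (("built", BUILT), ("denied", DENY)):
            m = rx.search(line)
            if m and (m["src"], m["dst"], int(m["dport"])) == (client_ip, server_ip, port):
                counts[kind] += 1
    if counts["built"]:
        verdict = "passed firewall"      # look at the server or return path next
    elif counts["denied"]:
        verdict = "blocked at firewall"  # an ACL on the PIX is dropping the client
    else:
        # Nothing logged: traffic never arrived at the PIX, or the logging
        # level is below what these messages need.
        verdict = "not seen"
    return verdict, counts["built"], counts["denied"]

if __name__ == "__main__":
    for client in ("203.0.113.7", "198.51.100.20", "192.0.2.99"):
        print(client, firewall_verdict(SAMPLE_LOG, client, "10.1.1.5", 8080))
```

A "not seen" result is worth confirming with a packet capture, since syslog only shows what the firewall was configured to log.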