07-18-2004 09:59 AM - edited 03-02-2019 05:08 PM
I Have a 64 k line which i am using for
connecting to the internet so that poeple
can send and receive mail through microsoft
exchange server 5.5. I have implemented NAT
and access-list to permit mail through the
NAT interface. What stratles me is that the
64 k line seems to be at peak use all the time
and I dont believe this is the mail traffic
which is causing this. How can I check traffic typeS
passing through this interface and their port numbers
so i can block them? i.e only accept pop3 and smtp and probably www.
07-18-2004 11:26 AM
You can enable Network Based Application Recognition to find out the type of traffic passing through the interface.
Check
http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087cd0.html
For just monitoring, you might just enable cef globally and also enable nbar on eacy interface.
Alternatively, you could use netflow to check the traffic going through the router also. By using show ip cache flow, you can find out all the traffic flows on the router.
07-18-2004 07:03 PM
hi
in addition to the eariler post try configuring "ip route-cache flow" under the interface conf and chek with this command sh ip cache flow which can give u the traffic details with source ip,port and dest ip,port details.
try enabling this on lan interface first and chek.
regds
prem.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide