Tracking Public IPs from Web Server in the DMZ

david.johnson
Level 1

I am wondering if it is possible to track IP addresses of computers on the Internet that make requests to a Web Server in the DMZ behind a PIX 515. When looking at the communication to the Web server, the request comes in as originating from the DMZ interface of the PIX. Is there a way to see what the external IP is that the PIX 515 DMZ interface is NATing and see this from the Web server?

2 Replies

mchin345
Level 6

You can place an IDS before the PIX and get these details.

You could use NTOP or send informational syslog messages to a syslog server and then filter that flat file for the information that you are interested in.

http://www.ntop.org/ntop.html

PIX settings:

fixup protocol http 80

logging on

logging timestamp

logging trap informational

logging facility 21

logging host inside 192.x.y.z

A good syslog (server) utility is:

FREE: http://www.kiwisyslog.com/

$$$: http://www.sawmill.net/

sincerely

Patrick
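The filtering step described in the reply above, as an added example that is not part of the original post: it reads a syslog flat file, keeps the inbound connections built to the web server, counts the outside clients, and maps an address/port pair seen by the web server back to the real outside IP. It assumes the PIX logs connection setup as message 302013 in the layout shown in the comment; the interface names, addresses, and log lines are constructed for illustration.

```python
import re
from collections import Counter

# Assumed layout of PIX message 302013 (inbound TCP connection built); older
# PIX software logs connections with a different message ID and layout.
BUILT = re.compile(
    r"%PIX-6-302013: Built inbound TCP connection (?P<conn>\d+) for "
    r"(?P<src_if>\S+?):(?P<src>[\d.]+)/(?P<sport>\d+) "
    r"\((?P<msrc>[\d.]+)/(?P<msport>\d+)\) to "
    r"(?P<dst_if>\S+?):(?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"\((?P<mdst>[\d.]+)/(?P<mdport>\d+)\)"
)

# Constructed sample lines (documentation address ranges, hypothetical hosts).
SAMPLE_LOG = """\
Mar 01 2004 10:15:02: %PIX-6-302013: Built inbound TCP connection 4101 for outside:203.0.113.25/3312 (192.168.50.1/1031) to dmz:192.168.50.10/80 (198.51.100.10/80)
Mar 01 2004 10:15:05: %PIX-6-302014: Teardown TCP connection 4101 for outside:203.0.113.25/3312 to dmz:192.168.50.10/80 duration 0:00:03 bytes 5120 TCP FINs
Mar 01 2004 10:15:06: %PIX-6-302013: Built inbound TCP connection 4102 for outside:203.0.113.25/3313 (192.168.50.1/1032) to dmz:192.168.50.10/80 (198.51.100.10/80)
Mar 01 2004 10:15:09: %PIX-6-302013: Built inbound TCP connection 4103 for outside:192.0.2.77/40122 (192.168.50.1/1033) to dmz:192.168.50.10/80 (198.51.100.10/80)
Mar 01 2004 10:15:11: %PIX-6-302013: Built inbound TCP connection 4104 for outside:192.0.2.90/2501 (192.168.50.1/1034) to dmz:192.168.50.20/25 (198.51.100.20/25)
Mar 01 2004 10:15:12: %PIX-6-302013: Built outbound TCP connection 4105 for outside:192.0.2.200/80 (192.0.2.200/80) to inside:10.1.1.5/2210 (198.51.100.5/2210)
"""

def web_connections(lines, server_ip, port=80):
    """Yield one dict per inbound connection built to server_ip:port."""
    for line in lines:
        m = BUILT.search(line)
        if m and m["dst"] == server_ip and int(m["dport"]) == port:
            yield m.groupdict()

def clients_by_count(lines, server_ip, port=80):
    """Count connections per real (pre-NAT) outside address."""
    return Counter(c["src"] for c in web_connections(lines, server_ip, port))

def real_client(lines, seen_ip, seen_port, server_ip, port=80):
    """Map the address/port the web server logged back to the outside client."""
    hit = None
    for c in web_connections(lines, server_ip, port):
        if c["msrc"] == seen_ip and int(c["msport"]) == seen_port:
            hit = c["src"]  # last match wins; translated ports get reused
    return hit

if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    print(clients_by_count(lines, "192.168.50.10").most_common())
    print(real_client(lines, "192.168.50.1", 1033, "192.168.50.10"))
```

Because translated source ports are reused, match on the log timestamp as well when correlating against a long-running web server log.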