Dumb Pix Question

Tags:

Last response: April 5, 2011 6:41 PM in Networking

techie140

January 27, 2011 4:23:23 PM

Hello,

Our ISPs router sends netflow data through our PIX to an inside machine to monitor bandwidth use.

When I spot a bandwidth hog (and I can only see the global addresses - src and dest - and port) I have to quickly telnet in to the PIX and do a...

pix# show xlate global 222.222.222.254 | include 41998

When we run out of real world IPs, we use PAT on the .254 address.

That gives me the local IP for a PAT translation using port 41998. The problem is that the port number doesn't live forever and half the time I miss it.

Is there a program (or can I write a program) to poll the PIX either for a given global IP/port? What do I need to read?

Oh yeah, IOS 6.3.3

Thanks

More about : dumb pix question

| E-mail me updates
| Report abuse

PawsJK

March 29, 2011 5:46:19 PM

You can set up logging to a server. Basically up the trap notification and get all traffic in and out. You can then search through the logs or watch the logs and grep for the information you want to see.

Or just keep a connection open to the pix and "show log | inc 222.222.222.254

| Report abuse

techie140

April 5, 2011 6:41:30 PM

Thanks.

Just checking....

I can turn on logging in the Pix and send the output to a server? Does it have to be a Windows Server server? Or will a workstation do?

| Report abuse

Ask the community

Related ressources:

Read discussions in other Networking categories