Cisco PIX NAT Translation

Discussion in 'Cisco' started by Scooty, Aug 8, 2008.

  1. Scooty

    Scooty Guest

    Hi all,
    One I would put out there in the hope there might be a better way of
    doing this.
    Currently we have a PIX that does NAT and PAT translations for the
    users accessing the internet.
    All HTTP traffic is passed through the PIX to a Linux box running Squid
    on Ubuntu 8.04 via a Global Address Pool.
    When the PIX runs out of NAT addresses it does PAT; no worries, it all
    works OK.
    When I try to monitor the usage of the Squid server it looks at the
    translated IP and uses this for reporting in SARG or Webalizer.
    When I have multiple systems accessing the net I cannot determine the
    true source address, only the PAT'd address.

    The users exist in multiple subnets and the Squid server is on
    192.168.1.13, which is the DMZ subnet.
    As Squid uses NT Authentication this is not an issue for users who
    authenticate against the Squid server, but for users where there is no
    authentication all I see is the translated address, and for PAT this is
    just one IP. I have no way of telling exactly what use it was / is.


    Cheers,
    Scott
     
    Scooty, Aug 8, 2008
    #1

  2. In article <>, Scooty <> writes:
    >One I would put out there in the hope there might be a better way of
    >doing this
    >Currently we have a PIX that does NAT and PAT translations for the
    >users accessing the internet
    >All HTTP traffic is passed thru the PIX to a Linux box running Squid
    >on Ubuntu 8.04 via a Global Address Pool
    >When the PIX runs out of NAT addresses it does PAT, no worries it all
    >works OK
    >When I try and monitor the usage of the Squid server it looks at the
    >translated IP and uses this for reporting in SARG or Webalizer
    >When I have multiple systems accessing the net I cannot determine the
    >true source address only the PAT'd address
    >
    >The users exist in multiple subnets and the Squid server is on
    >192.168.1.13 which is the DMZ subnet
    >As Squid uses NT Authentication this is not an issue for users who
    >authenticate against the Squid server but for users where there is no
    >authentication all I see is the translated address and for PAT this is
    >just one IP. I have no way of telling exactly what use it was / is


    Have the PIX log its informational messages to a syslog server. Then you
    get a logfile where you find all the translations together with the time.

    Regards,
    Christoph Gartmann

    --
    Max-Planck-Institut fuer Phone : +49-761-5108-464 Fax: -80464
    Immunbiologie
    Postfach 1169 Internet: gartmann@immunbio dot mpg dot de
    D-79011 Freiburg, Germany
    http://www.immunbio.mpg.de/home/menue.html
     
    Christoph Gartmann, Aug 8, 2008
    #2
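
The correlation suggested in the reply above, as an added example that is not part of the original thread: it reads PIX translation build/teardown messages (305011/305012) from a syslog file and maps each Squid request back to the real inside address that held the PAT port at that moment. Assumptions: the sample log lines and all addresses are constructed, and Squid is assumed to use a custom `logformat` that records the client source port (`%>p`) next to the client address, since a PAT'd address alone cannot be disambiguated.

```python
import re
from datetime import datetime
# Constructed PIX syslog lines: 305011 = translation built, 305012 = teardown.
PIX_LOG = """\
Aug  8 10:15:01 pix %PIX-6-305011: Built dynamic TCP translation from inside:10.1.2.44/1531 to dmz:192.168.1.200/1024
Aug  8 10:15:03 pix %PIX-6-305011: Built dynamic TCP translation from inside:10.1.3.17/2210 to dmz:192.168.1.200/1025
Aug  8 10:15:40 pix %PIX-6-305012: Teardown dynamic TCP translation from inside:10.1.2.44/1531 to dmz:192.168.1.200/1024 duration 0:00:39
Aug  8 10:16:10 pix %PIX-6-305011: Built dynamic TCP translation from inside:10.1.4.9/4001 to dmz:192.168.1.200/1024
"""
# Constructed Squid lines: date, time, client IP, client source port, method, URL.
SQUID_LOG = """\
2008-08-08 10:15:05 192.168.1.200 1024 GET http://example.com/a
2008-08-08 10:15:06 192.168.1.200 1025 GET http://example.com/b
2008-08-08 10:16:30 192.168.1.200 1024 GET http://example.com/c
2008-08-08 10:15:50 192.168.1.200 1024 GET http://example.com/d
"""
XLATE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ %PIX-6-(?P<id>30501[12]): "
    r"(?:Built|Teardown) dynamic (?:TCP|UDP) translation from "
    r"\w+:(?P<real>[\d.]+)/\d+ to \w+:(?P<mapped>[\d.]+)/(?P<mport>\d+)")

def load_translations(pix_text, year):
    """Map (mapped_ip, mapped_port) -> list of [start, end_or_None, real_ip]."""
    table = {}
    for line in pix_text.splitlines():
        if not (m := XLATE.match(line)):
            continue
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        slots = table.setdefault((m["mapped"], int(m["mport"])), [])
        if m["id"] == "305011":
            slots.append([when, None, m["real"]])
        elif slots and slots[-1][1] is None and slots[-1][2] == m["real"]:
            slots[-1][1] = when  # teardown closes the matching open slot
    return table

def real_source(table, mapped_ip, mapped_port, when):
    """Newest translation on that address/port that was live at `when`."""
    for start, end, real in reversed(table.get((mapped_ip, mapped_port), [])):
        if start <= when and (end is None or when <= end):
            return real
    return None  # port was not translated at that time, or the log is incomplete

def attribute(squid_text, table):
    rows = []
    for line in squid_text.splitlines():
        date, clock, ip, port, _method, url = line.split()
        when = datetime.strptime(f"{date} {clock}", "%Y-%m-%d %H:%M:%S")
        rows.append((real_source(table, ip, int(port), when), url))
    return rows
```

The year is passed in because classic syslog timestamps do not carry one. The match is only as good as the clocks: the PIX, the syslog server and the Squid host need synchronized time for the windows to line up.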