675/678 CBOS 2.4.8 Port Logging the WAN via MS

Discussion in 'Cisco' started by Zulu, May 31, 2006.

  1. Zulu

    Zulu Guest

    These days I seem to find myself waking up with googles under my eyes
    instead of sleet.

    I've got a Cisco 675 that I have been trying to figure out how to parse

    and log bi-directional traffic thru the wan. I am able to get the units

    Syslog to turn out the standard messages of whether the link is
    Up/Down, SNR and the Time stamp of these.

    I have the DB9 (serial) cable and can communicate through either Telnet

    or via Serial. I've got it sending what logs it does via the UDP port
    syslog, as per stated above, but I cannot get it log to screen (as it
    says it can) the packet info thru the serial OR udp/syslog.

    Anyone have any experience with this on one of these units or any ideas

    or links other then the cisco CBOS release documents, i have plenty of
    those :D TY!
     
    Zulu, May 31, 2006
    #1
    1. Advertisements

  2. Zulu

    Zulu Guest

    Sorry, rookie at the helm. I didn't think anyone would reply so quick
    to my previous post (removed) but thanx to this user: "Thill" :

    You post is confusing, and I'm not sure what is not working, but here's
    a
    shot. Are you trying to log the packet counters of the WAN interface,
    or
    are you trying to get syslog to use the WAN interface as the source
    address
    when sending syslog messages? The first is not possible via logging
    (syslog
    or otherwise). Those stats are only available via SNMP. The second
    can be
    done with the command "logging source-interface <interface>"

    ***************

    Sorry, I was a bit tired when I dropped this question in the que. What
    I was trying to ask was how to log the packet information (TCP/UDP)
    that passes thru the wan port, in both directions, in and out. Or, in
    the same, packets that are denied entry at the wan port. I hope this
    clarifies it a little better.

    I see the option now for SNMP. Hmmm... got any pointers? I'll do some
    futzing with it for a bit and see what I can acomplish. I dont recall
    seeing much in any of the manuals I crossed but I imagine a simple
    search should yield some results for options and useage.

    However, using the exact command "logging source-interface <interface>"
    with wan0 or wan0-0 in place of the interface came back with an error
    stating "Command not understood - please see help". Maybe thats not an
    option on this unit or I need to set something else first.

    Again I apologize for the previous removed post. Google informed me
    that removing the post would have it removed from Usenet and even from
    searches. I know I removed it very soon after posting it, with in a
    minute or two, but I guess you were ready at the helm and firing off
    the reply :)

    But thanx for your reply!
     
    Zulu, Jun 1, 2006
    #2
    1. Advertisements

  3. Zulu

    Zulu Guest

    I thought I would bump this post one last time before I try posting in
    the firewall forum. I figure someone out there must know something.
    Cisco seems lost in the epitat :D

    I found the SNMP and Manager options, enabled and set the manager, but
    I don't seem to be trapping or collecting a-n-y messages with a-n-y
    syslogger?

    I've tried kiwi and a couple others. Maybe I am still missing
    something? For what I know the unit should be forwarding messages on
    162 udp but I see nothing. In fact, as far as I can sniff, I don't see
    the cisco unit sending any messages besides the normal syslog messages
    (up/down connections, errors).

    I can at least say that is working and forwarding and always has.

    :)
     
    Zulu, Jun 7, 2006
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.