Client Bandwidth usage via 501 PIX through NAT or (PNAT).

I have a medium lan that runs behind a cisco 501 PIX.  The problem is that I cannot find a command/set of commands to work out the amount of bits per client connection through the NAT.  So when the DSL gets flooded from the firewall, I cannot locate the offending PC.
Is there a method for locating the number of bits/bytes per NAT client?
LVL 23
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hi debuggerau,
There is probably a way by using a SNMP query tool.
However personally I would setup an old machine running either Windows or Linux and install a free copy of ethereal ( network analyser on it. Connect the inside interface of the PIX, the internal LAN, and the monitoring machine into a HUB (or span the port on an existing switch if you have a managed switch).
The ethereal software will be able to tell you which machines are using the link and how much they are transfering.
debuggerauAuthor Commented:
Hi grblades,

Thanks for the responce, however I do have such a unit but continuous monitoring is not feasible due to the memory requirements.  I get a few hours monitoring before it just bogs down and becomes unusable. We have purchased Network assocates Siffer Pro which solves this however I was looking for a PIX feature similar to the 'Show nat translations' on the cisco router but also included bit counters for each connection.
I use the 'show xlate' which gives me the nat connections but lacks any counters.
I was hoping for a series of commands that may give me what I need to see who is flooding the link....
Hope that clarifies things...

The only other thing I can think of is for you to create an outbound access-list and then look at the matching packet counts.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.