debuggerau
asked on
Client Bandwidth usage via 501 PIX through NAT or (PNAT).
I have a medium LAN that runs behind a Cisco 501 PIX. The problem is that I cannot find a command/set of commands to work out the amount of bits per client connection through the NAT. So when the DSL gets flooded from the firewall, I cannot locate the offending PC.
Is there a method for locating the number of bits/bytes per NAT client?
ASKER
Hi grblades,
Thanks for the response. However, I do have such a unit, but continuous monitoring is not feasible due to the memory requirements. I get a few hours of monitoring before it just bogs down and becomes unusable. We have purchased Network Associates Sniffer Pro, which solves this; however, I was looking for a PIX feature similar to the 'Show nat translations' on the Cisco router but that also included bit counters for each connection.
I use the 'show xlate' which gives me the NAT connections but lacks any counters.
I was hoping for a series of commands that may give me what I need to see who is flooding the link....
Hope that clarifies things...
There is probably a way by using an SNMP query tool.
However, personally I would set up an old machine running either Windows or Linux and install a free copy of Ethereal (http://www.ethereal.com) network analyser on it. Connect the inside interface of the PIX, the internal LAN, and the monitoring machine into a hub (or span the port on an existing switch if you have a managed switch).
The Ethereal software will be able to tell you which machines are using the link and how much they are transferring.
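
Added example, not part of the original thread: a per-client byte tally over a capture taken on the inside segment as described above, keeping only two counters per host. It assumes the capture was saved in classic pcap format with Ethernet framing; the function names, the 192.168.1.0/24 inside network and the sample packets are constructed for illustration.

```python
import ipaddress
import struct

def per_client_bytes(pcap, inside_net):
    """Return {inside_ip: [bytes_out, bytes_in]} for IPv4 traffic crossing the firewall."""
    net = ipaddress.ip_network(inside_net)
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    totals, off = {}, 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4 (ARP etc.)
        ip_len = struct.unpack("!H", frame[16:18])[0]  # IP total length, valid even with a short snaplen
        src, dst = ipaddress.ip_address(frame[26:30]), ipaddress.ip_address(frame[30:34])
        if (src in net) == (dst in net):
            continue  # LAN-to-LAN or unrelated traffic never crosses the PIX
        host, direction = (str(src), 0) if src in net else (str(dst), 1)
        totals.setdefault(host, [0, 0])[direction] += ip_len
    return totals

def top_talkers(totals):
    """Inside hosts ordered by total bytes through the firewall, heaviest first."""
    return sorted(totals, key=lambda h: sum(totals[h]), reverse=True)

def _frame(src, dst, payload_len):
    # Minimal Ethernet + IPv4 header followed by zero padding (constructed test data).
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 17, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return b"\x00" * 12 + b"\x08\x00" + ip + b"\x00" * payload_len

def sample_pcap():
    """Constructed capture: addresses and sizes are made up for the example."""
    frames = [_frame("192.168.1.10", "203.0.113.5", 1000)] * 3
    frames += [_frame("203.0.113.5", "192.168.1.10", 100),
               _frame("192.168.1.20", "198.51.100.7", 80),
               _frame("192.168.1.10", "192.168.1.20", 500),   # LAN-to-LAN, ignored
               b"\xff" * 12 + b"\x08\x06" + b"\x00" * 28]     # ARP, ignored
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    totals = per_client_bytes(sample_pcap(), "192.168.1.0/24")
    for host in top_talkers(totals):
        print(host, "out=%d in=%d" % tuple(totals[host]))
```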