hurtlingturtle
asked on
Cisco Pix and Packet Monitoring
Hi,
We have a Cisco Pix Firewall/router/vpn which sits between our network and an ADSL router.
We are experiencing some pretty dreadful connection speeds at the moment but our ISP says they can't see any probs. I would like to set something up so that I can monitor everything that is going over the PIX, especially in terms of amount of data transfer between any source and destination ip address on the inside or outside interface of the PIX.
I have tried to no avail using Ethereal and also Kiwi Syslogd, neither of which seem to work and the stuff I've found thus far from google is of no help in telling me how to configure the PIX to forward packets to my laptop's ip address.....
anyone got any good ideas?
cheers
Bruce
We have a Cisco Pix Firewall/router/vpn which sits between our network and an ADSL router.
We are experiencing some pretty dreadful connection speeds at the moment but our ISP says they can't see any probs. I would like to set something up so that I can monitor everything that is going over the PIX, especially in terms of amount of data transfer between any source and destination ip address on the inside or outside interface of the PIX.
I have tried to no avail using Ethereal and also Kiwi Syslogd, neither of which seem to work and the stuff I've found thus far from google is of no help in telling me how to configure the PIX to forward packets to my laptop's ip address.....
anyone got any good ideas?
cheers
Bruce
ASKER
Thanks, but when I try to view the graphs they keep saying that they've lost the connection to the PIX. I can still ping it and telnet to it etc.....
any ideas?
cheers
Bruce
any ideas?
cheers
Bruce
yikes. You've probably got something consuming all your internal bandwidth--so much that your pix can't talk to you via gui. It's probably not a pix issue--but an internal host doing something. Lanscan.com has a trial version scanner for free that will tell you your bandwidth hogs. Give that a whirl.
Is your office/network small enough that you can stroll around and see if anyone is downloading something heinous, or playing live video streams of the London attacks or Tour De France? Also, check your mail server -- is it getting bombarded, or struggling to send out a bizillion mail messages with huge attachments?
Is your office/network small enough that you can stroll around and see if anyone is downloading something heinous, or playing live video streams of the London attacks or Tour De France? Also, check your mail server -- is it getting bombarded, or struggling to send out a bizillion mail messages with huge attachments?
ASKER
Thanks, I'll try the lanscan thing.
It is small enough for me to walk round and that was one of the first things I did.
I suppose it's possible some random machine has some sort of virus I suppose.....
thanks for your help
cheers
Bruce
It is small enough for me to walk round and that was one of the first things I did.
I suppose it's possible some random machine has some sort of virus I suppose.....
thanks for your help
cheers
Bruce
ASKER
hmmmm, I've loaded up the Lanscan Traffic View....
I don't think I know what I'm doing..... :-(
perhaps you could recommend how I should use this to indicate problem network devices?
cheers
Bruce
I don't think I know what I'm doing..... :-(
perhaps you could recommend how I should use this to indicate problem network devices?
cheers
Bruce
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://inside address of pix
You'll need your username and password, of course.