Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

web usage reports after PAT to external scansafe web proxy service

Posted on 2012-12-23
1
Medium Priority
?
1,155 Views
Last Modified: 2013-01-22
Hi We recently put a  NAT /PAT  inside to outside interface (on ASA firewall) and port 80/http to 8080 port forward -direct to Cisco's scansafe proxy servers IP address on the web.
We  have some "exceptions" for http sites we dont want filtered - these are ok and also listed in the ASA firewall

We did this to solve a number of problems

1. Apple IPAD's - wifi - avoid manual proxy in browser
2 avoid manual proxy entry for all different types of browser
basically now proxy config is all in the ASA firewall.

Problem is now that due to the ASA NAT the scansafe reports show only the "outside" IP as the no1 user - basically the only user. - so now i cant get meaningful web usage reports.

Before with proxy ticked in users client browser - THe reports showed individual usage.
I want to keep what we have done on the ASA - I dont want to do a PAC file etc.

Does anyone know how I can go about getting the Scansafe to show individual web usage again? - something i can do on ASA?
  Thanks
0
Comment
Question by:philb19
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 65

Accepted Solution

by:
btan earned 1500 total points
ID: 38718405
looks similar to this issue raised

using syslog and do manual mapping  - doesnt seems operationally friendly
https://supportforums.cisco.com/message/194755#194755

"Another way might be to add an access-list on the inside interface and add logging to " ip any any " which would be logged to the syslog server. But this might cause a lot of traffic for the syslog server."

also saw in  scansafe help doc stating below
https://scancenter.scansafe.com/portal/static/help/ScanCenterHelp/WSAAP3.html

(in case you need) online help - https://scancenter.scansafe.com/portal/static/help/ScanCenterHelp/

"Cisco ASA 5500 Series Adaptive Security Appliances with version 8.3 or later of the operating system can be configured to enable user names, internal IPs, and domain groups to be sent via PIM to Cisco Cloud Web Security without needing to make end-user changes. There are several ways to achieve this but Cisco recommends using explicit proxy, PAC file or WPAD."
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question