Firewall Wizards: using AAA for NAT accounting

using AAA for NAT accounting

From: Johnny J. <mzakkar_at_lycos.com>
Date: Mon, 12 Jan 2004 00:21:15 +0400

Gents,

I need your help with this!
We're using a PIX-535, 6.2, that is handling our NAT/PAT.
I need to be able to use AAA (TACACS+) for logging the PAT activities,
i.e. just to be able to trace what global IP and port was translated to
what local IP address.
I checked Cisco's documentation, but it only explains this syntax:

aaa accounting include any inside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 AuthInbound

which will only generate logging similar to:

172.18.124.157 pixuser PIX 99.99.99.2 start server=rtp-cherry
   time=10:36:16 date=08/23/2000 task_id=0x0 foreign_ip=99.99.99.2
   local_ip=172.18.124.114 cmd=telnet
172.18.124.157 pixuser PIX 99.99.99.2 stop server=rtp-cherry
   time=10:37:50 date=08/23/2000 task_id=0x0 foreign_ip=99.99.99.2
   local_ip=172.18.124.114
   cmd=telnet elapsed_time=94 bytes_in=61 bytes_out=254

and this tells me nothing about the address translation!

I would appreciate any input, and thanks in advance!

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Jan 18 2004
