RE: NAT session tracking ?

From: Eric Dobyns (eric_dobyns@yahoo.com)
Date: Tue Jul 17 2007 - 22:36:21 ART

• Next message: E.A. McCaleb: "Re: Cisco Certified Internetwork Architect ?"
• Previous message: Colin McNamara: "RE: Cisco Certified Internetwork Architect ?"
• Maybe in reply to: Phillip McCollum: "RE: NAT session tracking ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Ya know, when did this test become less about what an exceptional network
engineer needs to be able to do on a daily basis for a customer and more
about how much minutia and trivia you need to memorize that nobody ever uses
except to pass the test... (No offense to those who need to log their NAT
translations on a daily basis, but that's what firewalls are for...)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Carlos G Mendioroz
Sent: Tuesday, July 17, 2007 4:31 PM
To: phillip.mccollum@ins.com
Cc: ccielab@groupstudy.com
Subject: Re: NAT session tracking ?

Yes indeed. This fills the bill indeed :)
Thanks!

Phillip McCollum @ 17/7/2007 17:13 GMT -0300 dixit:
> Looks like you need this:
>
>
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chap
> ter09186a008044edab.html#wp1048744
>
> Enabling Syslog for Logging NAT Translations
>
> The logging of NAT translations can be enabled and disabled by way of the
> syslog command.
>
> Router(config)#ip nat log translations syslog
>
> Phillip
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Carlos G Mendioroz
> Sent: Tuesday, July 17, 2007 1:54 PM
> To: ccielab@groupstudy.com
> Subject: OT: NAT session tracking ?
>
> Hi,
> I was surprised today by a sensible question: how can I track
> NAT sessions, in order to know who was using a given public
> IP address at a given time ?
>
> The scenario is a ISP that uses private addresses for some clients,
> and needs to be able to track who was involved in past activity
> (like spamming, attacks, etc.)
>
> I would have asumed something was there to do this, but I was unable to
> locate anything. I was looking for some SNMP trap that NAT could
> generate on new sessions (and discarded ones), or tacacs accounting,
> or radius, or...
>
> Any idea ?
>

-- 
Carlos G Mendioroz  <tron@huapi.ba.ar>  LW7 EQI  Argentina

• Next message: E.A. McCaleb: "Re: Cisco Certified Internetwork Architect ?"
• Previous message: Colin McNamara: "RE: Cisco Certified Internetwork Architect ?"
• Maybe in reply to: Phillip McCollum: "RE: NAT session tracking ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Aug 18 2007 - 08:17:41 ART