Hi, Can anyone explain how I can use a Cisco 3600 series router for Traffic log ?
Scenerio is this : 192.168.1.1 is the router and is the gateway of all clients starting
192.168.1.2 to 192.168.1.100.Now , I want to know who is doing what ?Is there any way , that whatever packets the router is forwarding can be logged ?
Thanks and regards PJ
Hi,
to do this we use netflow analyzer.
For more information have a look at
Andre
What do you mean by Logged ?
The entire packet ?
The source and destination Ip addresses and ports ?
If later then check out NETFLOW
what you can do is to have a ACL that just permit ip any any, and then have the "log" statment in the end. Then have these logs sent to a syslog server. But please bear in mind the extra CPU load this can generate, depending upon traffic rates, bandwidth etc. Also this will generate extra load on your syslog server.
But it can be used.
Alternatively you can place a cisco switch in series with you C3600 ethernetinetface, ans configure a SPAN session of this port, and have that collected by a Sniffer, like SnifferPro or etherreal etc. Dedicated appliances that does the same (plus more) can also be considered, fx Allot, or packetshaper/packeteer Dedicated network-taps are also an option here, as an inline device.
Or you can put in a webcache proxy-only server, and have all clients use this, and then deny everything else, but traffic from the proxy towards the internet. The you can detailed log of your internet usage. both Client IP's and visited sites.
HTH Martin Bilgrav
Thanks for the informations. The URL of cisco is not opening.
Can you tell me how do I enable NetFlow in my 3620 router with IOS version
Version 12.2(12), RELEASE SOFTWARE (fc1)
regards baruah
Andre Wisniewski wrote:
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.