Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Auditing Users Activities 3

Status
Not open for further replies.
Dyadmin

Dyadmin

IS-IT--Management
Joined
Oct 31, 2002
Messages
217
Location
CA
Hi All,

I'm very new to routers and I've inherited a network in which the cisco 1700 series routers are configured to be NAT firewalls to the internet.

I see logging is turned on but how do I audit my users activity on the net? How do I look at the logging. Is there a GUI that I can use to look at their activities??

I apologize at the basic question but I know very little about Cisco's. If I have to read, what do I read? Anything you people can suggest for newbies like me?
 
Sort by date Sort by votes
If you're wanting to know where the users are going...the only way I can think of would be to use the command: "show ip nat translation"

This will give you the source and destination. But other than that, I don't know what to tell you.

"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
 
Upvote 0 Downvote
if you are trying to see what websites they are going to you can always just scan their ie history. i have used a vb script called iespy in the past and it works well.


hope that helps.

----------------------------
Josh
CCNA, MCSE 2003(in progress)
 
Upvote 0 Downvote
The log can show the connections that are made, I believe. It does with the Pix, anyway. use "show log" to see what's in there.
 
Upvote 0 Downvote
Guys! Thank you for all your help and advice! Please keep them coming star for each of you!
 
Upvote 0 Downvote
Really the best way to do this is with a Proxy server. Depending on the number of users, you could pretty much build it on any hardware. Choose your favorite flavor of Linux and use Squid. Create the route map for the outbound NAT pool to only pass HTTP traffic from the proxy machine, and force all users to use the proxy for web traffic - log all info to a database or W3C format - after that you can find several tools out there to view the information historically, and GFI makes a piece of free software that you can view proxy connections in real time, I think it is ISA only though.
 
Upvote 0 Downvote
Thanks Travis, I thought about having a proxy server, I have MS Proxy and it works okay.. but there are better ones out there like squid. Thanks for you advice, I'll check it out!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

kdrew098
  • Locked
  • Question Question
A school needs recommendations for a router that can handle 100+ users and possibly 4 WAN inputs
Replies
1
Views
264
biggizod
biggizod
DougP
  • Locked
  • Question Question
total newbie question about dividing certain users on our network
Replies
5
Views
308
DougP
DougP
arib
  • Locked
  • Question Question
RV042 block www access for certain users
Replies
0
Views
65
arib
arib
operadornine
  • Locked
  • Question Question
List all users
Replies
4
Views
789
operadornine
operadornine
1DMF
  • Locked
  • Question Question
Enable ISP router WiFi users to see internal network
Replies
4
Views
155
1DMF
1DMF

Part and Inventory Search

Sponsor

Back
Top