PIX Windows2003 IAS logging

[Roger1008]

We currently use a PIX and IAS to authenticate VPN users. After adding the following changes, the IAS log file grows extremely fast.
static (sheriff,outside) 24.149.xx.yy 172.17.x.y255.255.255.255
access-list 100 permit tcp any host 24.149.xx.yy eq www
access-list 100 permit tcp any host 24.149.xx.yy eq https
access-list 100 permit tcp any host 24.149.xx.yy eq smtp
access-list 100 permit tcp any host 24.149.xx.yy eq 7184

These were added to work with a mail server which was added to the internal network. Is there something that can be done to reduce the amount of traffic to the IAS, and the log file.

Thanks

Roger

 

[Supergrrover]

A few questions to

What stuff is showing up in the logs?
What was the network config like before? (traffic flow, layout, etc.)?


Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[Roger1008]

I am getting all activity between the outside interface and the sheriff interface. I would like to remove the traffic for the mail server, as all that traffic is what is adding to my log and I do not need it.

The following is the current config for the accounting

aaa accounting include tcp/0 outside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 partnerauth

I am thinking an exclude would be what I need to eliminate this activity, but I did not seem to get the syntax right to exclude this traffic.

aaa accounting exclude tcp/0 sheriff 172.17.x.y 255.255.255.255 0.0.0.0 0.0.0.0 partnerauth

thanks

Roger