Scenario:
Internet
|
IIS----PIX
IIS Web Server on DMZ. Customer wants to be able to parse the IIS logs to
determine what the original source IP address accessing the website is, for
things like billing. All that is showing in the IIS logs is the PIX DMZ
address. Is there a way to configure the PIX to pass the originating source
IP address through to the webserver, while using NAT? The customer doesn't
want to expose their IIS boxes without using NAT if they can help it...
One of the ideas being kicked around as well is to have the PIX syslog to an
NT/W2K box that runs a vbScript to parse and associate the security logs
against the IIS logs... but that is likely going to take a bit of
development.
Any other ideas are appreciated. TIA
Wes Noonan, MCP+I/MCSE/MCT/CCNA/NNCSS
Senior QA Rep
(713) 918-2412
BMC Software, Inc.
[EMAIL PROTECTED]
http://www.bmc.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
