Hi all
One I would put out there in the hope there might be a better way of
doing this
Currently we have a PIX that does NAT and PAT translations for the users
accessing the internet
All HTTP traffic is passed thru the PIX to a Linux box running Squid on
Ubuntu 8.04 via a Global Address Pool
When the PIX runs out of NAT addresses it does PAT, no worries it all
works OK
When I try and monitor the usage of the Squid server it looks at the
translated IP and uses this for reporting in SARG or Webalizer
When I have multiple systems accessing the net I cannot determine the
true source address only the PAT'd address

The users exist in multiple subnets and the Squid server is on
192.168.1.13 which is the DMZ subnet
As Squid uses NT Authentication this is not an issue for users who
authenticate against the Squid server but for users where there is no
authentication all I see is the translated address and for PAT this is
just one IP. I have no way of telling exactly what use it was / is


Cheers,
Scott

Reply via email to