We use a Sonicwall E8500 for NAT, it will log all NAT translations and send them as syslog to a server for storage. I have logrotate changing files every hour to make it easier to search on. -- Heath Barnhart ITS Network Administrator Washburn University Topeka, KS
On Wed, 2015-01-14 at 14:49 -0500, Jerry Bucklaew wrote: > To ALL: > > We have a large Cisco wireless deployment with public ip address > space. Getting more public IP's is getting difficult so we are > considering going to NAT. The issue we have with NAT is that we still > want to be able to map an outside IP back to a individual user. Once > you go to NAT that of course becomes more difficult to do. I know a > lot of you are probably already doing this and I was wondering how and > what products do you use? I assume most have a one to many NAT and then > use something like a netflow collector to to track the inside NAT IP to > the outside Src-IP/DST-IP/Port/Time. Any good working solutions or > products would be helpful. > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/.
