Re: [Nolug] Packet sniffing on switched network

From: -ray <ray_at_ops.selu.edu>
Date: Fri, 1 Feb 2008 11:19:54 -0600 (CST)
Message-ID: <Pine.LNX.4.61.0802011111450.17886@romulus.csd.selu.edu>

Is the linksys switch managed? If it were you could do a port mirror,
where it mirrors all traffic that hits the Pix port to another monitor
port. Or you could set up mrtg or cacti to monitor each interface on the
switch, to see who is using all the bandwidth.

Or stick a hub between the pix and switch for a little while, and also
plug a linux box into the hub to sniff.

Or put a linux box with two NICs between the pix and the linksys. If you
bridge eth0 and eth1 into br0, it should be transparent. You shouldn't
have to change anything on the pix. And tcpdump on br0 should show you
some traffic.

Ideally, invest in a managed switch so you can better monitor/control the
traffic.

ray

On Fri, 1 Feb 2008, Chris Jones wrote:

> I have a client whose internet is running very slowly. I suspect that
> there's a lot of traffic coming from somewhere, so I need to sniff the
> traffic to figure out where it's coming/going. Problem is, this is a
> switched network.
>
> The network is a fairly typical setup, going like this:
> internet -> dsl modem -> cisco pix -> linksys switch -> LAN
>
> I can't find a way to get this linksys to go promiscuous, so I'm thinking
> maybe I could set up some kind of machine with two NICs, and have it
> forward all traffic from one nic to the other, and have the machine just
> analyze all traffic as it passes through. Not sure if that's the best
> route, or maybe one of you guys have run across a better option? If that is
> the best way to go, does anyone know of a good free product to do this? Or
> maybe I can somehow use SNMP to pull this info out of the pix? Any
> suggestions?
>

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ray DeJean  				       	 http://www.r-a-y.org
Systems Engineer                    Southeastern Louisiana University
IBM Certified Specialist  	      AIX Administration, AIX Support
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
___________________
Nolug mailing list
nolug@nolug.org
Received on 02/01/08
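
The transparent-bridge option from the reply above, sketched as an added example (not part of the original message or written by either poster). It assumes iproute2 instead of the older brctl tool, the interface names eth0/eth1/br0 from the reply, and a hypothetical LAN prefix of 192.168.1.; the capture lines are constructed sample data in `tcpdump -nn -q` format.

```shell
#!/bin/sh
# Added example. Assumptions: iproute2 is installed, eth0 faces the PIX,
# eth1 faces the Linksys switch, and the LAN is 192.168.1.0/24.

# Join both NICs into br0 so the box forwards frames transparently.
# Needs root; defined here but only run when called explicitly.
setup_bridge() {
    ip link add name br0 type bridge
    ip link set dev eth0 master br0
    ip link set dev eth1 master br0
    ip link set dev eth0 up
    ip link set dev eth1 up
    ip link set dev br0 up
}

# Sum the lengths tcpdump reports per LAN host (both directions) and
# print "bytes host", largest first. Reads `tcpdump -nn -q` text on stdin.
# Non-IPv4 lines (ARP, IPv6) are skipped.
top_talkers() {  # usage: top_talkers LAN_PREFIX
    awk -v lan="$1" '
        $2 == "IP" && $NF ~ /^[0-9]+$/ {
            # Keep the first four octets so a trailing .port is dropped,
            # and portless lines (ICMP) are handled the same way.
            split($3, s, "."); src = s[1] "." s[2] "." s[3] "." s[4]
            split($5, d, "."); dst = d[1] "." d[2] "." d[3] "." d[4]
            sub(/:$/, "", dst)
            if (index(src, lan) == 1) bytes[src] += $NF
            if (index(dst, lan) == 1) bytes[dst] += $NF
        }
        END { for (h in bytes) print bytes[h], h }
    ' | sort -rn
}

# Constructed sample capture (addresses are documentation ranges).
sample_capture() {
    cat <<'EOF'
11:19:54.000001 IP 192.168.1.23.51234 > 203.0.113.5.80: tcp 1448
11:19:54.000002 IP 203.0.113.5.80 > 192.168.1.23.51234: tcp 0
11:19:54.000003 IP 192.168.1.23.51234 > 203.0.113.5.80: tcp 1448
11:19:54.000004 IP 192.168.1.40.40000 > 198.51.100.7.53: UDP, length 45
11:19:54.000005 IP 192.168.1.40 > 198.51.100.7: ICMP echo request, id 1, seq 1, length 64
11:19:54.000006 ARP, Request who-has 192.168.1.1 tell 192.168.1.40, length 28
EOF
}

# Live use, after setup_bridge, as root:
#   tcpdump -i br0 -nn -q -c 5000 | top_talkers 192.168.1.
```

The totals are the payload lengths tcpdump prints with `-q`, not full frame sizes, so they rank hosts by volume but will read lower than interface counters from mrtg or cacti.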
