In the course of tracking down security vulnerabilities, I find myself trying to trace External IPs (from external security scan reports) back to Internal IPs at a specific moment in time (the timestamp from the scan report). Most of the time, it's very simple, as many internal IPs are NAT'd 1-to-1 to external IPs. Those tend to stay static. But there are also large groups of PAT'd addresses, such as whole ranges of internal IPs (like guest WiFi network DHCP pools) that go out a single external IP.
I'm really struggling with how to track these devices down. I can rarely even find a matching internal IP for that timestamp.
Is there a specific NAT/PAT log I can reference? Or a tool for this that I'm missing? I've been trying to use the traffic logs, but that's not always fruitful and it is tedious.
Any suggestions? I'm using a Palo Alto PA-5250 running PAN-OS 10.2.0.
Thanks in advance,
Tom