cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3092
Views
0
Helpful
7
Replies

VPN tunnel monitoring

donaldfoo
Level 1
Level 1

Hi all,

I just wondering if there is anyone doing the same way as what we are looking for.

we have 4 offices mass connected with VPN tunnels through internet boradband (i.e. 6 VPN tunnels). I am looking for a monitoring tools to monitor the bandwidth of different tunnels (only vpn tunnel not including normal internet traffic).

any suggection is appreciate.

Donald

7 Replies 7

Amin Shaikh
Level 1
Level 1

Hello,

I am also looking for the same....

Someone please advice.

Chow

jerrytozhang
Level 1
Level 1

We have a similiar scenario, but much bigger, we have 121 branches worldwide and each has a VPN connection (based on Internet)to head office in Canada.

If you use IPSec+GRE mode to build your VPN connections, that's very easy, just run a MRTG, PRTG, Cricket to monitor each of your VPN connection and respective traffic based on tunnel interfaces.

If you just use IPSec based on Cisco routing platform to build your VPN connections, you can try NetFlow tools,like NetFlow Tracker, NetFlow Analyzer,FlowScan,CFlowd to monitor your VPN traffic based on IPSec protocols' characters, like IP Protocol 50,51 or UDP port 500.

Thanks,

Jerry

Thank you for your reply.....

Can you get me the link for Cricket... tool

and your recommendation to select a tool for IPSEC based VPN Connection ....

You mentioned so many ( Netflow tracker .... Netflow Analyser..... etc )

1:Cricket URL is following:

http://cricket.sourceforge.net/

2:If your scenairo is just only running IPSec over Internet, no GRE tunnels deployed, you have to use a Netflow tool to monitor your VPN traffic, you can choose Netflow tracker or Netflow Analyzer to do this job, they both have a trail version to let you evaluate.

Netflow tracker's URL is following:

http://www.crannog-software.com/index.php?go=Product.ShowDetail&ProductID=1

Netflow Analyzer's URL is following:

http://manageengine.adventnet.com/products/netflow/index.html

hope those information can help you.

Jerry

Hi Jerry,

Thanks for the information, however I am using PIX to build the VPN tunnel, it sounds like PIX not support netflow, any advice?

Regards,

Donald

cant you trigger off of the following traps if you use an IPSEC GRE tunnel?

snmp-server enable traps isakmp tunnel start

snmp-server enable traps isakmp tunnel stop

merabtavart
Level 1
Level 1

Check

http://www.vpnttg.com/

Advantage   of VPNTTG over other SNMP based monitoring software’s is  following:   Other (commonly used) software’s are working with static OID  numbers,   i.e. whenever tunnel disconnects and reconnects, it gets  assigned a  new  OID number. This means that the historical data, gathered  on the   connection, is lost each time. However, VPNTTG works with VPN  peer’s  IP  address and it stores for each VPN tunnel historical  monitoring  data  into the SQL server and into the RRD (Round Robin  Database) file.

HTH

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: