11-01-2007 02:04 PM - edited 03-03-2019 07:22 PM
Hi, not sure if this is possible, but I'm getting a Cisco ASA 5520 Firewall. I will use one of the ports on the 5520 for my DMZs and trunk it to a port on a switch for VLAN tagging.
Anyway, I love the feature on the router, "ip route-cache flow"; it shows the source and destination of the traffic. I have yet to buy a switch for my VLANs for the DMZs. I really would like to monitor the traffic going through the ports/VLANs, so if a user says something is slow I can look on the switch and say it's IP 1.2.3.4 going to 4.3.2.1 or port causing the problem. Is there a Catalyst switch that can do this for me?
11-01-2007 05:00 PM
You can use a few different methods, but the easiest one is the Switched Port Analyzer (SPAN) feature. Here is the link:
http://www.cisco.com/univercd/cc/td/doc/product/voice/ics/icsapps/icscra/cra30/icsspan.htm
Regards,
Steve K
11-01-2007 09:58 PM
HI, [DO RATE ALL HELPFUL POSTS]
Refer to the attachment for Cisco SPAN Configuration.
In SPAN Config, the Source and Destination Port should be on the Same Switch.
Max of 6 SPAN Sessions can be created in a CISCO Switch.
Use Ethereal to capture the Packets during the SPAN Sessions.
DO RATE ALL HELPFUL POSTS.
Best Regards,
Guru Prasad R
11-03-2007 03:42 AM
Hi, can you attach the file again? I haven't downloaded it yet.
Thanks
11-01-2007 11:54 PM
Thanks, can it show the bandwidth someone is using too?
11-02-2007 12:13 AM
HI, [Pls Rate if HELPS]
SPAN Session + packet capture can be used to verify and validate the traffic source and destination address / port and packet Types.
If you want to validate the bandwidth used by each user, enable "ip accounting" on the interfaces.
It will provide the Src, Destn, Bytes transferred, etc.
Refer to the link below:
http://www.cisco.com/en/US/docs/ios/12_1/iproute/command/reference/1rdip.html#wp1018815
PLS RATE if HELPS
Best Regards,
Guru Prasad R
11-02-2007 01:03 AM
Would you use Ethereal for your captures, or is there something better, perhaps a web-based option?
Also, do I enable ip accounting on the interface of the ASA 5520 or on the port on the VLAN switch, e.g. fast ethernet 0/20?
11-02-2007 01:27 AM
HI,
Ethereal is Best and easy.
Enable ip accounting in VLAN Switch fast Eth0/20
I don't know whether ip accounting will work on ASA 5520.
DO RATE all HELPFUL POSTS.
Best Regards,
Guru Prasad R
11-02-2007 01:48 AM
So I use Ethereal to get the info on IP accounting on Fast Eth0/20?
If so, do I just span the 0/20 port to a spare port on the switch, then plug in my laptop with Ethereal running?
11-02-2007 01:53 AM
HI, [DO Rate all Helpful Posts]
"ip accounting" is something different from SPAN Session configuration.
Pls refer to the link provided in my previous POST reg "ip accounting".
Enable SPAN session on the Switch and specify the source and destination port. Then plug in your laptop with Ethereal running.
Do Rate All Helpful POSTS.
Best Regards,
Guru Prasad R
11-02-2007 02:15 AM
I see that SPAN and IP accounting are separate. I just can't seem to see how I show the IP accounting information. Do you have an example of how I would show this and what it might look like?
11-02-2007 02:34 AM
HI,
#show ip accounting
Source-
Destination-
Packets-
Bytes-
The above will be displayed in a horizontal manner.
Whereas after SPAN configuration on the switch, the results can be obtained only by means of packet capture software like Ethereal.
Do RATE all HELPFUL POSTS
Best Regards,
Guru Prasad R
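Added example (not part of any post in this thread, and not Cisco's code): a Python script that takes "show ip accounting" output pasted from the CLI, with the Source / Destination / Packets / Bytes columns described in the post above, and ranks sources by bytes transferred to answer the "who is using the bandwidth" question. The sample output, the addresses in it and the exact column spacing are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of pasted CLI output (addresses and counters are made up).
SAMPLE_OUTPUT = """\
Switch#show ip accounting
   Source           Destination              Packets               Bytes
 10.10.20.15      192.168.50.4                  1250             1675000
 10.10.20.15      192.168.50.9                    40                5200
 10.10.20.31      192.168.50.4                   310              402000
 10.10.20.44      172.16.1.8                      12                 960
"""


def parse_accounting(text):
    """Return (source, destination, packets, bytes) tuples from pasted output.

    Lines that are not four columns of IP, IP, integer, integer (the prompt,
    the header row, blank lines) are skipped instead of raising.
    """
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        try:
            src = str(ipaddress.ip_address(fields[0]))
            dst = str(ipaddress.ip_address(fields[1]))
            packets, nbytes = int(fields[2]), int(fields[3])
        except ValueError:
            continue  # header row or garbled line
        rows.append((src, dst, packets, nbytes))
    return rows


def top_talkers(rows, limit=3):
    """Sum bytes per source address and return the heaviest senders first."""
    totals = defaultdict(int)
    for src, _dst, _packets, nbytes in rows:
        totals[src] += nbytes
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)[:limit]


def top_flows(rows, limit=3):
    """Return the individual source/destination pairs with the most bytes."""
    return sorted(rows, key=lambda r: r[3], reverse=True)[:limit]


if __name__ == "__main__":
    parsed = parse_accounting(SAMPLE_OUTPUT)
    for src, total in top_talkers(parsed):
        print(f"{src:<16} {total:>12} bytes")
    for src, dst, packets, nbytes in top_flows(parsed, limit=1):
        print(f"largest flow: {src} -> {dst} ({packets} packets, {nbytes} bytes)")
```

The counters are cumulative since the accounting table was last cleared, so comparing two snapshots taken a known interval apart gives a rate rather than a running total.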
11-02-2007 05:54 AM
I don't think my Cisco 3550 Catalyst switch can do "ip accounting"; I don't get the option.