Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
503
Views
0
Helpful
3
Replies

monitoring ASA usage (with SNMP)

oxfordknowledge
Level 1
Level 1

‎11-23-2008 06:36 AM - edited ‎03-11-2019 07:16 AM

I am trying to monitor traffic on an ASA 5510. I was hoping to use SNMP to get this data to a monitoring/graphing tool such as cacti. I already have SNMP giving me the overall traffic picture.

I can easily see the data I want to capture by using ASDM and the Firewall Dashboard: the info is Usage Status, top 10 services. I want to capture this for network management reasons.

The published OIDs for the ASA device do include tables enabled by 1.3.6.1.4.1.9.9.491.1.1.3.1.0 etc.

which might help me get this info, but most of the useful 491 isn't available or applicable it seems.

Am I right in thinking that I ought to be able to get this info out and logged, or is this a trickier exercise than I anticipated?

Is SNMP the wrong way to go about this?

To be precise, I want to know how much of the passed traffic is in the VPN tunnels, how much is http, how much is email, how much is FTP etc..

Any suggestions welcome, no matter how lateral

Labels:
0 Helpful
3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

‎11-23-2008 07:32 AM

To be precise, I want to know how much of the passed traffic is in the VPN tunnels, how much is http, how much is email, how much is FTP etc..

Any suggestions welcome, no matter how lateral

This is just personally opinion and practice, thats the beauty of democracy I guess:) , have not played much with SNMP on ASA yet, but my strategy is IOS netflow and it is free, I am able to use netflow behind ASAfws in internal edge router right before geting outbound via asa inside interface.

I can capture via netflow source Ips/destination ips engaged in tunnels and respective tcp ports, the downside is that you would have to do the math to get a proximate traffic brakedown and compare it with the total bandwidth of your outbound links.

I believe Cisco has security management apps so I read like Cisco Security manager, but I have not used it, I cannot comment on it but here is a link for detail info.

http://www.cisco.com/en/US/products/ps6498/index.html

Rgds

Jorge

Jorge Rodriguez
0 Helpful

cisco24x7
Level 6
Level 6
In response to JORGE RODRIGUEZ

‎11-23-2008 10:19 AM

Cisco Security Manager (CSM) can not do what

you asked. It is a network management app.

but not for netflow.

0 Helpful

JORGE RODRIGUEZ
Level 10
Level 10
In response to cisco24x7

‎11-23-2008 10:48 AM

David, thanks for confirming about CSM.

Jorge Rodriguez
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card