asa bandwidth monitoring and asdm autorefresh

Unanswered Question
Mar 15th, 2009

I have two questions

First: If I have an ASA 5500(05 or 10), how can i view the bandwidth usage per internal IP? For example, lets say I have a T1 and for a whole day the inbound traffic pegs the link. I know the ASA can show me how much bandwidth is being used, but the top 10 sources/dest doesnt always even show internal addresses at all. I am willing to do this in the CLI as well, but I NEED to do this and should be a simple function for a firewall of this caliber.

Second: on the monitoring/VPN section on the ASDM, where the VPN sessions are listed. Is there a way to autorefresh that section, or is the only way to get an updated view of your current VPN sessions to click refresh?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Fri, 03/20/2009 - 08:18

The "interface graph" option on the monitoring ASDM homepage provides real-time monitoring of bandwidth usage for each interface on the security appliance. Bandwidth usage is displayed for incoming and outgoing communications. Users can view packet rates, counts, and errors; bit, byte, and collision counts; and more. I think only "Refresh button" is available on VPN statistics panel.

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/user/guide/mon_vpn.html#wp1040432

stevekives Sat, 04/25/2009 - 08:21

Re: Bandwidth measurement per-IP

There doesn't seem to be a way to do this via the GUI unless it's hiding very well. I was hoping another poster would answer your question affirmatively.

Even in the CLI there aren't many options. You can explore "show local-host" and its parameters but this isn't a good solution since the connections are ephemeral. A test to show this is "show local-host " while you visit a website. You'll see the individual connections come and go with no cumulative byte-counts left behind.

Actions

This Discussion