ASA5510. Check bandwidth usuage for each user?

Unanswered Question
Jun 16th, 2009

Good morning!

Is there a command to check who (source IP) is using most of the bandwidth on the outside interface? Does ASA keep track of the traffic flow of each session? The reason why I am asking is that I think some employees are downloading stuff and they use a lot bandwidth and I need to find out who they are... Thanks!

Difan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Collin Clark Tue, 06/16/2009 - 13:11

There is a nice graph in ASDM. Open ASDM then click on the Firewall Dashboard tab. In the right column in the middle graph is Top Usage Status. Select Top 10 Sources and that should give you the info you're looking for.

Hope that helps.

Difan Zhao Tue, 06/16/2009 - 13:33

Thank you for the information! Actually I have some issues with my ASDM... It freezes after you launch it and put in the username and password. It just stopped. Then if you restart the ASA it will fix it but after days the problem will happen again!! I have tried different Java version but no help. I am using ASDM version 6 and maybe I should think of updating to version 7 if there is one!

So is there an equivalent command in CLI for this top 10 sources IP? Thanks a lot!

Collin Clark Tue, 06/16/2009 - 14:00

I rarely use ASDM too. I don't know a command off the top of my head, but let me look around.

jkuehl Thu, 06/18/2009 - 12:11

make sure your java version is not above Version 6 update 7, if so you will need to downgrade. I updated by asdm to 6.1(5)51 and my ASA to 8.0(4) and that also seemed to help out with stability.

JORGE RODRIGUEZ Thu, 06/18/2009 - 19:27

Difan,

For future reference, a new feature was introduced in latest asa version code 8.2.x called netflow, it was only supportted on the 5580 platform but under this code is now supported on ALL ASA5500 series. Configure netflow under this code if you ever upgrade to it,find a free netflow collector out there, thus you can capture traffic flows per source/destination traversing your firewall as you would in a router.

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/ef.html#wp1972826

Regards

Actions

This Discussion