Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA5510 VPN Bandwidth Calculations

Were running an ASA5510 with multiple IPSEC VPN clients over a 100Mb leased line. At the moment we have about 10 active clients however we are looking at gearing up to about 100 clients.

Question is, is there a known method for calculating the required bandwidth for this number of clients or indeed obtaining metrics from already connected clients to help with this calculation.

We have tried a few monitoring products, most notably Solarwinds, however none of the products we have tried seems to be able to give us the throughput of the individual VPN connections to assist with our calcs....

2 REPLIES
Gold

ASA5510 VPN Bandwidth Calculations

Hi Rob,

I don't think you'll find any formula to calculate this unless all of the VPN clients run the same applications and send the same traffic profile through the ASA.

You could try using NetFlow monitoring on the ASA:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/monitor_nsel.html

The ASA will report statistics on a per-connection (i.e. source IP/port and destination IP/port) basis, but the NetFlow collector software you use will likely be able to aggregate this on a per-client basis.

-Mike

New Member

ASA5510 VPN Bandwidth Calculations

Hi Rob,

Check  out VPNTTG (VPN Tunnel Traffic Grapher) is a software for SNMP  monitoring and measuring the traffic load for IPsec  (Site-to-Site,  Remote Access) and SSL (With Client, Clientless) VPN  tunnels on a Cisco  ASA. It allows the user to see traffic load on a VPN  tunnel over time  in graphical form.

Advantage of VPNTTG over other SNMP based monitoring software's is   following: Other (commonly used) software's are working with static OID   numbers, i.e. whenever tunnel disconnects and reconnects, it gets   assigned a new OID number. This means that the historical data,  gathered  on the connection, is lost each time. However, VPNTTG works  with VPN  peer's IP address and it stores for each VPN tunnel  historical  monitoring data into the Database.

For more information about VPNTTG please visit www.vpnttg.com

668
Views
0
Helpful
2
Replies