Does anyone know how to monitor bandwidth hungry connections on the ASA 5520 7.2(1)?? When doing a 'show conn' I can see byte counters but there aren't approriate filters to able to sift through pages of connections quickly enough and verbosely enough to see whats happening .. The data's there just needs parsing through something useful..
Is MRTG going to work for that? I'm trying to identify clients which are generating alot of traffic onto the internet.
I don't think you understand what I'm asking mate. I'm trying to get a graphical or more intuitive representation for connections that are using large portions of bandwidth. To do that I need graphs relating to the conns through the firewall - not the sum of the bandwidth on the interface like you get with ASDM nor the indvidual building of connections and teardowns you get with syslog. I want to see that *.*.*.2 is connecting to *.*.*.10 and is utilising 20% of the available bandwidth or 256Kbps or however it wishes to traslate that utilisation.
Something better than typing 'show conn' every 10 secs and trying to traces through the 00:00 idle times and comparing the byte counters to get an idea of who is using what.
Sounds like something akin to NetFlow is what you're looking for. If you have the capability to do so, you could always configure a SPAN switchport on the firewall's interface that you want to monitor and configure the destination switchport to send this mirrored traffic to a Linux/*BSD box running NTOP ( http://www.ntop.org ). You should be presented with enough Layer 3-7 traffic information per source/destination IP to make your eyes bleed.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...