Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Monitoring a PIX515e

I have a PIX515e. Upper management has asked me to provide information as to the VPN usage on the PIX. They want to know on a daily bases the following:

1. Total number of VPN connections at any give time

2. Who is logging in

3. When they are logging in and out

3. How much data they are transfering on there session

I know you can buy applications for this type of monitoring, but I have not been give any budget to get this done. Does anyone know how I could gather this data?


Re: Monitoring a PIX515e

1. log in and do something like a 'show isa sa'

2. do you mean logging into the pix for admin access?

3. see number 2 above

3. not sure this can be done on a pix, is there a cisco router in the path of data that can run netflow?

you will at least need a server to collect any relevant data. as for software, there are probably freeware apps that will do what you want. start with syslog and snmp.

New Member

Re: Monitoring a PIX515e

If you are running PIX 7.x, try the following command:

show vpn-sessiondb summary

This will give you a great deal of that information. There are other options for the show vpn-sessiondb command. You may need to script the execution of this command to get all the information you are looking for (and perhaps depending on the exact level of detail you require).

Another great option (especially for item 3) is to capture the syslog messages that occur for VPN sessions.

New Member

Re: Monitoring a PIX515e

If you run version PIX 7.0 and above:

Check if syslog id 113019 applies.

You may also need syslog id's 602202, 602203 and 713160.

New Member

Re: Monitoring a PIX515e

All my apoligizes. From preceeding email syslog id 602xxx are not relevent.

To monitor a VPN session search the following syslogs

(Well these are the 2 top relevent I've found)

syslog id 713025

syslog id 113019