Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
349
Views
0
Helpful
1
Replies

VPN reports in ASA-5540 8.3.2?

jkeeffe
Level 2
Level 2

‎11-19-2010 08:02 AM

Is there any way in ASA/ASDM software, v8.3.2/6.3.4, to find out how often, and when, a particular site-to-site VPN is being used? Using ASDM, I can go into 'Montoring' and look at VPN tunnels that are up in real-time, but there seems to be no history available. I need to be able to tell management when certain site-to-site VPNs have been up so we can track when the remote business partners are using the VPN. Is ASDM capable of giving me this information, or is there some other way to get it?

Labels:
0 Helpful
1 Reply 1

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎11-19-2010 08:43 AM

Hi,

Not sure there's a nice way to look at it.

A VPN tunnel is in use if there's interesting traffic flowing through the tunnel.

You can check that there's traffic flowing with the command ''sh cry ips sa'' and check the encrypt/decrypt statistics incrementing everytime.

The IPsec SAs have a lifetime (28000 seconds) by default normally.

If there's no traffic flowing in that time... the SAs are torn down (tunnel is no longer up).

I imagine that you might log VPN traffic using either syslogs or NetFlow, but not sure if that's what you want to see either...


Federico.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents