Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN reports in ASA-5540 8.3.2?

Is there any way in ASA/ASDM software, v8.3.2/6.3.4, to find out how often, and when, a particular site-to-site VPN is being used? Using ASDM, I can go into 'Montoring' and look at VPN tunnels that are up in real-time, but there seems to be no history available. I need to be able to tell management when certain site-to-site VPNs have been up so we can track when the remote business partners are using the VPN. Is ASDM capable of giving me this information, or is there some other way to get it?

1 REPLY

Re: VPN reports in ASA-5540 8.3.2?

Hi,

Not sure there's a nice way to look at it.

A VPN tunnel is in use if there's interesting traffic flowing through the tunnel.

You can check that there's traffic flowing with the command ''sh cry ips sa'' and check the encrypt/decrypt statistics incrementing everytime.

The IPsec SAs have a lifetime (28000 seconds) by default normally.

If there's no traffic flowing in that time... the SAs are torn down (tunnel is no longer up).

I imagine that you might log VPN traffic using either syslogs or NetFlow, but not sure if that's what you want to see either...


Federico.

218
Views
0
Helpful
1
Replies
CreatePlease to create content