I just wondering if there is anyone doing the same way as what we are looking for.
we have 4 offices mass connected with VPN tunnels through internet boradband (i.e. 6 VPN tunnels). I am looking for a monitoring tools to monitor the bandwidth of different tunnels (only vpn tunnel not including normal internet traffic).
We have a similiar scenario, but much bigger, we have 121 branches worldwide and each has a VPN connection (based on Internet)to head office in Canada.
If you use IPSec+GRE mode to build your VPN connections, that's very easy, just run a MRTG, PRTG, Cricket to monitor each of your VPN connection and respective traffic based on tunnel interfaces.
If you just use IPSec based on Cisco routing platform to build your VPN connections, you can try NetFlow tools,like NetFlow Tracker, NetFlow Analyzer,FlowScan,CFlowd to monitor your VPN traffic based on IPSec protocols' characters, like IP Protocol 50,51 or UDP port 500.
2:If your scenairo is just only running IPSec over Internet, no GRE tunnels deployed, you have to use a Netflow tool to monitor your VPN traffic, you can choose Netflow tracker or Netflow Analyzer to do this job, they both have a trail version to let you evaluate.
Advantage of VPNTTG over other SNMP based monitoring software’s is following: Other (commonly used) software’s are working with static OID numbers, i.e. whenever tunnel disconnects and reconnects, it gets assigned a new OID number. This means that the historical data, gathered on the connection, is lost each time. However, VPNTTG works with VPN peer’s IP address and it stores for each VPN tunnel historical monitoring data into the SQL server and into the RRD (Round Robin Database) file.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...