Link to home
Start Free TrialLog in
Avatar of mskumar_apk
mskumar_apk

asked on

VPN traffic in Cisco PIX logs

Dear Experts,

I am using CiscoPIX firewall. I can see the traffic logs as below.

<166>May 20 2006 01:00:00 kumar: %PIX-6-302013: Built outbound TCP connection 31174132 for outside:xxxxx/80 (xxxxxxxxx/80) to inside:xxxxxxx/52648 (xxxxxxxx/54508)
<166>May 20 2006 01:00:00 kumar: %PIX-6-302014: Teardown TCP connection 31174132 for outside:xxxxxxxxxx/80 to inside:xxxxxxx/52648 duration 0:00:01 bytes 1048576 TCP FINs

Is there a way to find the amount of traffic that is going through VPN per user? What is the signature in the log that I can look for?

regards
Kumar
ASKER CERTIFIED SOLUTION
Avatar of rsivanandan
rsivanandan
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Keith Alabaster
Keith Alabaster
Flag of United Kingdom of Great Britain and Northern Ireland image
No, I do not know of a way either for individual VPN users just using the PIX. I can do this using the VPN concentrators but that functionality is built in.
SOLUTION
Avatar of billwharton
billwharton
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of mskumar_apk
mskumar_apk

ASKER

Hi,

If I execute 'show isakmp sa', I get only dst,src,state,pending,created and  no info on traffic.

So the conclusion is we could not get vpn traffic through cisco pix logs right?

thanks,

with regards,
Kumar
SOLUTION
Avatar of Keith Alabaster
Keith Alabaster
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial