Solved

VPN traffic in Cisco PIX logs

Posted on 2006-07-03
7
426 Views
Last Modified: 2013-11-16
Dear Experts,

I am using CiscoPIX firewall. I can see the traffic logs as below.

<166>May 20 2006 01:00:00 kumar: %PIX-6-302013: Built outbound TCP connection 31174132 for outside:xxxxx/80 (xxxxxxxxx/80) to inside:xxxxxxx/52648 (xxxxxxxx/54508)
<166>May 20 2006 01:00:00 kumar: %PIX-6-302014: Teardown TCP connection 31174132 for outside:xxxxxxxxxx/80 to inside:xxxxxxx/52648 duration 0:00:01 bytes 1048576 TCP FINs

Is there a way to find the amount of traffic that is going through VPN per user? What is the signature in the log that I can look for?

regards
Kumar
0
Comment
Question by:mskumar_apk
7 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 43 total points
ID: 17031216
As I said, the total amount of traffic gone through the outside interface can be seen with 'show int outside' but I am not really sure if you can do it for individual users on vpn.

Anyways, letz watch...

Cheers,
Rajesh
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17038798
No, I do not know of a way either for individual VPN users just using the PIX. I can do this using the VPN concentrators but that functionality is built in.
0
 
LVL 11

Assisted Solution

by:billwharton
billwharton earned 41 total points
ID: 17039433
Try using the ASDM or graphical interface to the PIX and it may show something

You can also try issuing the 'show isakmp sa' command and you'll see multiple security associations created and that may also show you the total amount of bytes/data transmitted, received
0
 

Author Comment

by:mskumar_apk
ID: 17040397
Hi,

If I execute 'show isakmp sa', I get only dst,src,state,pending,created and  no info on traffic.

So the conclusion is we could not get vpn traffic through cisco pix logs right?

thanks,

with regards,
Kumar
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 41 total points
ID: 17040422
I believe that to be correct in regard to individual users.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 2960 PACL 9 94
Cisco router recommendation for a 1 gig internet connection 11 47
stacking switches 2 46
ASA - RV130 VPN tunnel, cannot pass traffic 8 52
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now