Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VPN traffic in Cisco PIX logs

Posted on 2006-07-03
7
Medium Priority
?
434 Views
Last Modified: 2013-11-16
Dear Experts,

I am using CiscoPIX firewall. I can see the traffic logs as below.

<166>May 20 2006 01:00:00 kumar: %PIX-6-302013: Built outbound TCP connection 31174132 for outside:xxxxx/80 (xxxxxxxxx/80) to inside:xxxxxxx/52648 (xxxxxxxx/54508)
<166>May 20 2006 01:00:00 kumar: %PIX-6-302014: Teardown TCP connection 31174132 for outside:xxxxxxxxxx/80 to inside:xxxxxxx/52648 duration 0:00:01 bytes 1048576 TCP FINs

Is there a way to find the amount of traffic that is going through VPN per user? What is the signature in the log that I can look for?

regards
Kumar
0
Comment
Question by:mskumar_apk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 172 total points
ID: 17031216
As I said, the total amount of traffic gone through the outside interface can be seen with 'show int outside' but I am not really sure if you can do it for individual users on vpn.

Anyways, letz watch...

Cheers,
Rajesh
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17038798
No, I do not know of a way either for individual VPN users just using the PIX. I can do this using the VPN concentrators but that functionality is built in.
0
 
LVL 11

Assisted Solution

by:billwharton
billwharton earned 164 total points
ID: 17039433
Try using the ASDM or graphical interface to the PIX and it may show something

You can also try issuing the 'show isakmp sa' command and you'll see multiple security associations created and that may also show you the total amount of bytes/data transmitted, received
0
 

Author Comment

by:mskumar_apk
ID: 17040397
Hi,

If I execute 'show isakmp sa', I get only dst,src,state,pending,created and  no info on traffic.

So the conclusion is we could not get vpn traffic through cisco pix logs right?

thanks,

with regards,
Kumar
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 164 total points
ID: 17040422
I believe that to be correct in regard to individual users.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question