Solved

Internet usage/monitoring/Sonicwall TZ170

Posted on 2006-11-01
4
1,896 Views
Last Modified: 2012-06-21
Is there a way I can check and see exactly how much bandwidth is being used by a user/computer? The TZ170 show an IP address and the ammount of data they have transmitted, but it does not show what that IP transmitted to or from, nor does it really tell me much about how much bandwith that IP is hogging.  More specifically there are some users that are using internet radio and it is starting to kill our connection. I would like to be able to see that computer x is hogging 64k of data, going to/from x.x.x.x/www.website.com on port xxxx in realtime.  Cost will be a concern.

PS I tried Viewpoint but it did not give me what i was looking for.
0
Comment
Question by:fsjavan32
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
0xSaPx0 earned 300 total points
ID: 17850571
There is no specific way to do this as the TZ unit won't show you on a per IP basis. What you can do is increase logging and see what internet radio websites they are accessing then block them.

Also you can use tools like  Ntop (http://www.ntop.org) or Ethereal (http://www.ethereal.com) to get an idea of who's connecting to what.

0xSaPx0

0
 
LVL 7

Assisted Solution

by:instillmotion
instillmotion earned 200 total points
ID: 17850886
you need to put a sniffer between your LAN and the gateway. As 0xSaPx0 pointed ntop and ethereal are 2 great tools for that. Ntop if you want long term stats and ethereal for a quick investigation.

You will either need a switch that supports port mirroring, where you will mirror all the ports to one port and sniff on that port, or you can put a HUB in between your LAN and Gateway, and plug the sniffer into the hub as HUBS have all ports in the same collision domain you'll be able to sniff all traffic.
0
 
LVL 2

Expert Comment

by:itpowerhouse
ID: 17852436
Sonicwall has a subscription service called ViewPoint that actually records this exact info for you.  It is about 99 dollars to subscribe to and you can put the license code in your Sonicwall to unlock the functionality.  Sign in to MySonicwall.com and register your box and you can purchase it right there.  The free services mentioned above work well if you know how to use them.

http://www.sonicwall.com/support/pdfs/SonicWALL_ViewPoint_4.0_Release_Notes.pdf

0
 
LVL 2

Expert Comment

by:itpowerhouse
ID: 17859679
We had the same exact issue.  I wish I had known you were unable to mount the old .edb and I would have posted this sooner.  We had Microsoft work on this problem and here is what they sent me as thier notes.  They were successful in saving the databases.  It's to late to help you but someone else will hit this eventually.

ISSUE: Wants to recover databases to new exchange server RESOLUTION STEPS:
-Copied the databases and renamed the mdbdata to mdbdata.old -Created the new folder mdbdata -Pasted all the priv1 and pub1 files in mdbdata -Tried to mount the store -It gave an error -Followed KB 313184 -Did the steps C:\Program Files\exchsrvr\BIN>eseutil /mh " drive :\Program Files\exchsrvr\MDBDATA\priv1.edb"

C:\Program Files\exchsrvr\BIN>eseutil /mh " drive :\Program Files\exchsrvr\MDBDATA\pub1.edb"
-It showed a dirty shutdown
-ran the following comands
C:\Program Files\exchsrvr\MDBDATA>"C:\Program Files\exchsrvr\BIN\eseutil" /p priv1.edb b.  To bring the Pub1.edb file back into a consistent state:
C:\Program Files\exchsrvr\MDBDATA>"C:\Program Files\exchsrvr\BIN\eseutil" /p pub1.edb -C:\Program Files\exchsrvr\BIN>eseutil /d C:\Program Files\exchsrvr\MDBDATA\priv1.edb b.  To defragment Pub1.edb:
C:\Program Files\exchsrvr\BIN>eseutil /d C:\Program Files\exchsrvr\MDBDATA\pub1.edb C:\Program Files\exchsrvr\BIN>isinteg -s (servername) -fix -test alltests -Tried to mount the stores -It was successful -Ran the exmerge utility -I copied emails in a pst folder on desktop -We were able to do exmerge -WE were able to get the previous emails but not todays -Tried to run exmerge again -It failed.
-Tried to do exmerge for single user
-It was successful
-Checked the email address from AD users and computers for one of the users.
-Set it to primary.
1

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Email Domain Transfer 2 34
DDOS information about ip's, gateways and how it works 2 58
EIGRP Full Mesh 2 33
RDP Sonicwall 8 29
Some time ago I was asked to set up a web portal PC to put at our entrance. When customers arrive, they could see a webpage 'promoting' our company. So I tried to set up a windows 7 PC as a kiosk PC.......... I will spare you all the annoyances I…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now