Solved

How can I monitor bandwidth usage with a new Cisco ASA 5510

Posted on 2008-06-24
18
22,167 Views
Last Modified: 2012-05-05
Does anyone know of a nice, easy, cheap method of monitoring bandwidth usage on an ASA 5510?  I just put it in to replace an old Sonicwall.  The one thing I liked about the Sonicwall is that I could see statistics for the amount of data sent\received over a specific connection between internal IP and external IP.  I was then able to go back and see what that person was doing to slam the bandwidth, (usually streaming music).  Now when I see a bandwidth spike, I am not sure how to track it back to see where the traffic is coming\going.
0
Comment
Question by:thelink12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
  • 4
  • +1
18 Comments
 
LVL 14

Expert Comment

by:agriesser
ID: 21858107
I use `sh conn` on the console, copy the output to Excel and sort it according to my needs to see who uses my bandwidth. But that's not the best solution, I guess.
0
 

Author Comment

by:thelink12
ID: 21858135
How do you get the data into Excel?
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21858248
Connect via SSH, telnet, console, ... to your ASA, issue `sh conn`, mark all the data that's reported by the command and paste it into a notepad or Wordpad. Save the file as .txt, now start excel, click "File" -> "Open", choose the .txt file and when the data import wizard starts, choose space as delimiter for the data.

Make sure to format all cells as "Text" before attempting to insert the data into excel, otherwise IP address will be converted to dates, etc.

BTW: Openoffice Calc asks for the delimiter settings when pasting the data directly into the spreadsheet.
0
What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21858668
Have you tried going to the ADSM? At the dashboard page, you can see top talkers.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21858882
Do you mean the homescreen with "dashboard"? If so, I can't see the top talkers there, I can only see tons of syslog messages running down the screen, but that's nothing useful.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859013
If you are using ADSM 6.0, click on the Home button then click on the Firewall Dashboard. You should see a pie chart on the bottom right.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21859045
Oh, ok, I do only have ASDM 5.2 on my system as my "ASA" is just an upgraded PIX525...
0
 

Author Comment

by:thelink12
ID: 21859470
I have ASDM 6.0, and the Firewall Dashboard but I am looking for something a little more granular, and something I can use to report on history.  For instance, every so often, the bandwitdh gets slammed.  I would like to be able to quickly see which port\ip address is using all the bandwidth and where they are connecting to via which port.
0
 
LVL 14

Accepted Solution

by:
agriesser earned 500 total points
ID: 21859533
I don't think that the ASA software is capable of doing something like this...
We installed a central syslog server which takes all the syslogs from our Cisco devices and runs reports on it some time ago, that worked not so bad, but it probably isn't as comfortable as the SonicWalls feature you talked about.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859557
http://www.plixer.com/products/free-netflow.php

Something you may be able to do is run a newflow server. Above is a free one. ASA doesn't support netflow, but if you have a switch before it (or a router) you might be able to get the data from there.
0
 

Author Comment

by:thelink12
ID: 21859610
Its a small environment, the ASA sits in front of an HP Switch.  I have a Kiwi syslog server collecting the logs from the ASA.  Know of good way to run reports on that?
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21859708
Sorry, I don't know Kiwi. Anyone else, maybe?
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859916
Me either. All I know is that it collects but thats all I know.
0
 

Author Comment

by:thelink12
ID: 21860141
Any good Syslog servers you can recommend?  Something with good reporting?.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21860174
Well, we used the Cisco syslog server a few years ago for doing this. I don't recall the exact name of the product now.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21924335
Any updates on this one?
0
 

Author Closing Comment

by:thelink12
ID: 31470253
We ended up using KIWI's syslog and then Sawmill to interpret the data.  THanks for all the help!
0
 

Expert Comment

by:Neil_b
ID: 23793420
What i do is have a router inline with the ASA as i have to report bandwidth over 3 seperate VRF's on a single ASA. The routers then have netflows enabled which i feed into a sensor on the LAN
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question