Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 24098
  • Last Modified:

How can I monitor bandwidth usage with a new Cisco ASA 5510

Does anyone know of a nice, easy, cheap method of monitoring bandwidth usage on an ASA 5510?  I just put it in to replace an old Sonicwall.  The one thing I liked about the Sonicwall is that I could see statistics for the amount of data sent\received over a specific connection between internal IP and external IP.  I was then able to go back and see what that person was doing to slam the bandwidth, (usually streaming music).  Now when I see a bandwidth spike, I am not sure how to track it back to see where the traffic is coming\going.
0
thelink12
Asked:
thelink12
  • 8
  • 5
  • 4
  • +1
1 Solution
 
agriesserCommented:
I use `sh conn` on the console, copy the output to Excel and sort it according to my needs to see who uses my bandwidth. But that's not the best solution, I guess.
0
 
thelink12Author Commented:
How do you get the data into Excel?
0
 
agriesserCommented:
Connect via SSH, telnet, console, ... to your ASA, issue `sh conn`, mark all the data that's reported by the command and paste it into a notepad or Wordpad. Save the file as .txt, now start excel, click "File" -> "Open", choose the .txt file and when the data import wizard starts, choose space as delimiter for the data.

Make sure to format all cells as "Text" before attempting to insert the data into excel, otherwise IP address will be converted to dates, etc.

BTW: Openoffice Calc asks for the delimiter settings when pasting the data directly into the spreadsheet.
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
jjmartineziiiCommented:
Have you tried going to the ADSM? At the dashboard page, you can see top talkers.
0
 
agriesserCommented:
Do you mean the homescreen with "dashboard"? If so, I can't see the top talkers there, I can only see tons of syslog messages running down the screen, but that's nothing useful.
0
 
jjmartineziiiCommented:
If you are using ADSM 6.0, click on the Home button then click on the Firewall Dashboard. You should see a pie chart on the bottom right.
0
 
agriesserCommented:
Oh, ok, I do only have ASDM 5.2 on my system as my "ASA" is just an upgraded PIX525...
0
 
thelink12Author Commented:
I have ASDM 6.0, and the Firewall Dashboard but I am looking for something a little more granular, and something I can use to report on history.  For instance, every so often, the bandwitdh gets slammed.  I would like to be able to quickly see which port\ip address is using all the bandwidth and where they are connecting to via which port.
0
 
agriesserCommented:
I don't think that the ASA software is capable of doing something like this...
We installed a central syslog server which takes all the syslogs from our Cisco devices and runs reports on it some time ago, that worked not so bad, but it probably isn't as comfortable as the SonicWalls feature you talked about.
0
 
jjmartineziiiCommented:
http://www.plixer.com/products/free-netflow.php

Something you may be able to do is run a newflow server. Above is a free one. ASA doesn't support netflow, but if you have a switch before it (or a router) you might be able to get the data from there.
0
 
thelink12Author Commented:
Its a small environment, the ASA sits in front of an HP Switch.  I have a Kiwi syslog server collecting the logs from the ASA.  Know of good way to run reports on that?
0
 
agriesserCommented:
Sorry, I don't know Kiwi. Anyone else, maybe?
0
 
jjmartineziiiCommented:
Me either. All I know is that it collects but thats all I know.
0
 
thelink12Author Commented:
Any good Syslog servers you can recommend?  Something with good reporting?.
0
 
agriesserCommented:
Well, we used the Cisco syslog server a few years ago for doing this. I don't recall the exact name of the product now.
0
 
agriesserCommented:
Any updates on this one?
0
 
thelink12Author Commented:
We ended up using KIWI's syslog and then Sawmill to interpret the data.  THanks for all the help!
0
 
Neil_bCommented:
What i do is have a router inline with the ASA as i have to report bandwidth over 3 seperate VRF's on a single ASA. The routers then have netflows enabled which i feed into a sensor on the LAN
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 8
  • 5
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now