Solved

How can I monitor bandwidth usage with a new Cisco ASA 5510

Posted on 2008-06-24
18
20,707 Views
Last Modified: 2012-05-05
Does anyone know of a nice, easy, cheap method of monitoring bandwidth usage on an ASA 5510?  I just put it in to replace an old Sonicwall.  The one thing I liked about the Sonicwall is that I could see statistics for the amount of data sent\received over a specific connection between internal IP and external IP.  I was then able to go back and see what that person was doing to slam the bandwidth, (usually streaming music).  Now when I see a bandwidth spike, I am not sure how to track it back to see where the traffic is coming\going.
0
Comment
Question by:thelink12
  • 8
  • 5
  • 4
  • +1
18 Comments
 
LVL 14

Expert Comment

by:agriesser
ID: 21858107
I use `sh conn` on the console, copy the output to Excel and sort it according to my needs to see who uses my bandwidth. But that's not the best solution, I guess.
0
 

Author Comment

by:thelink12
ID: 21858135
How do you get the data into Excel?
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21858248
Connect via SSH, telnet, console, ... to your ASA, issue `sh conn`, mark all the data that's reported by the command and paste it into a notepad or Wordpad. Save the file as .txt, now start excel, click "File" -> "Open", choose the .txt file and when the data import wizard starts, choose space as delimiter for the data.

Make sure to format all cells as "Text" before attempting to insert the data into excel, otherwise IP address will be converted to dates, etc.

BTW: Openoffice Calc asks for the delimiter settings when pasting the data directly into the spreadsheet.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21858668
Have you tried going to the ADSM? At the dashboard page, you can see top talkers.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21858882
Do you mean the homescreen with "dashboard"? If so, I can't see the top talkers there, I can only see tons of syslog messages running down the screen, but that's nothing useful.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859013
If you are using ADSM 6.0, click on the Home button then click on the Firewall Dashboard. You should see a pie chart on the bottom right.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21859045
Oh, ok, I do only have ASDM 5.2 on my system as my "ASA" is just an upgraded PIX525...
0
 

Author Comment

by:thelink12
ID: 21859470
I have ASDM 6.0, and the Firewall Dashboard but I am looking for something a little more granular, and something I can use to report on history.  For instance, every so often, the bandwitdh gets slammed.  I would like to be able to quickly see which port\ip address is using all the bandwidth and where they are connecting to via which port.
0
 
LVL 14

Accepted Solution

by:
agriesser earned 500 total points
ID: 21859533
I don't think that the ASA software is capable of doing something like this...
We installed a central syslog server which takes all the syslogs from our Cisco devices and runs reports on it some time ago, that worked not so bad, but it probably isn't as comfortable as the SonicWalls feature you talked about.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859557
http://www.plixer.com/products/free-netflow.php

Something you may be able to do is run a newflow server. Above is a free one. ASA doesn't support netflow, but if you have a switch before it (or a router) you might be able to get the data from there.
0
 

Author Comment

by:thelink12
ID: 21859610
Its a small environment, the ASA sits in front of an HP Switch.  I have a Kiwi syslog server collecting the logs from the ASA.  Know of good way to run reports on that?
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21859708
Sorry, I don't know Kiwi. Anyone else, maybe?
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859916
Me either. All I know is that it collects but thats all I know.
0
 

Author Comment

by:thelink12
ID: 21860141
Any good Syslog servers you can recommend?  Something with good reporting?.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21860174
Well, we used the Cisco syslog server a few years ago for doing this. I don't recall the exact name of the product now.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21924335
Any updates on this one?
0
 

Author Closing Comment

by:thelink12
ID: 31470253
We ended up using KIWI's syslog and then Sawmill to interpret the data.  THanks for all the help!
0
 

Expert Comment

by:Neil_b
ID: 23793420
What i do is have a router inline with the ASA as i have to report bandwidth over 3 seperate VRF's on a single ASA. The routers then have netflows enabled which i feed into a sensor on the LAN
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Join & Write a Comment

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now