Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Track High Bandwidth Usage Across VPN

Posted on 2012-03-19
2
Medium Priority
?
1,018 Views
Last Modified: 2012-03-19
I'm looking for something to track what is using up bandwidth from some of our remote offices.  It's causing the entire site to bottleneck, with ~500ms reply times, for what normally should be ~50ms across high speed cable and dsl links.  I'm using all Sonicwall VPN appliances.  Thank you.
0
Comment
Question by:fireguy1125
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 2

Accepted Solution

by:
BigRMV earned 2000 total points
ID: 37738540
The first thing I would suggest is to contact your broadband provider and find out if they have a tool that tracks usage, high usage periods, and can show you whether or not your line is reaching the saturation point.

As for SonicWALL, you should log into the unit's GUI as the administrator.  Then use the system diagnostics to see who/what is using the most bandwidth.  For example:

-- Log into the GUI
-- Click the SYSTEM tab on the left
-- Click the DIAGNOSTICS item
-- At the DIAGNOSTICS TOOL pull down menu, select ACTIVE CONNECTIONS MONITOR
-- By default, the options will be Protocol: ALL PROTOCOLS, Src Interface: ALL INTERFACES, and DST Interface: ALL INTERFACES.
-- At the top-right of the generated list, you'll see TX BYTES and RX BYTES. You can click those title bar items to sort highest to lowest or vice versa.
-- Click the EXPORT RESULTS button to save these results to a CSV file for future reference.

The first few "hogs" on your list should be your most active machines (Exchange servers, SQL servers, etc.).  After that are you most active users.

You can filter the Active Connections results further by changing the options.  On most SonicWALL devices, X0 will be your LAN, X1 will be the WAN, and X2 and beyond will be VPNs DMZs and so on.

With these givens, you can track inbound VPN usage by selecting Protocol: ALL PROTOCOLS, Src Interface: X2, and Dst Interface: X0.  You can find outbound by switching the Src and Dst interface options.  (see attached).  Export these results for future reference, too.

Note that you can also choose the LOG tab to view your activity log.  Check this to make sure that you're not being attacked or if you think that one of your users' activities could be the root of your problems.

This can become a lengthy process because you have to do all of the checking/reviewing to try to isolate the cause.  So you'll have to be familiar with your system, the IP addresses in use, the protocols you allow or don't, and how much traffic you should expect from each versus what you see in these results in order to find any meaningful patterns.
0
 
LVL 1

Author Closing Comment

by:fireguy1125
ID: 37738562
Perfect, I saw that several PCs were pulling new antivirus definitions from the parent server over the VPN connection! Thanks!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Resolve DNS query failed errors for Exchange
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question