ASA 5505 Traffic Questions

Hello,

I need a quick way to run a command and tell who an offender of bandwidth usage is on my remote networks. I will see a spike in up or down usage and I need to know what the best way is to see who it is...I see the chart to see usage by IP but how do I know if it is up or down that is getting used? I need to see more data than who is just using the most kb, I need a quick way to understand if a user is using too much upload or download on my networks? Also is there a way to get a 5 second view instead of the built in 5-10 min deals...Instant traffic is more interesting to me to isolate issues right now. I.e. If I am getting bad voice quality on sip traffic and need to see who is uploading crap and hurting it..Also if anyone knows if it is possible to update remote ASA DHCP to local DNS server?

Thanks in advance for any advice.
gconyersAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nayyar HH (CCIE RS)Network ArchitectCommented:
You can use Netflow to achieve this - heres how


1. Download & Install free Netflow traffic analyzer from Solarwinds

http://www.solarwinds.com/downloads/


2. Configure ASA for Netflow

https://supportforums.cisco.com/docs/DOC-6114
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
gconyersAuthor Commented:
Yeah Netflow is a good idea but I really need something where I can troubleshoot an immediate issue on the device...somebody is using too much up or down and killing my voice quality, I need to isolate the last few minutes or seconds, see if it is up or down traffic and which ip it is coming from so I can go punch somebody in the face. Does the ASA have any type of command or logging that can show me that data?
0
eeRootCommented:
you can use the "sh conn" command to see what's happening in real time, but the output isn't formatted for finding heavy users.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.