Hello group,
I
need to monitor the sessions handled by PIX/ASA units running release
7.2. I need statistics like how many SYN packets were sent from clients
to servers protected by the PIX/ASA; how many of these SYN received the
SYN/ACK; how many sessions reached the established state. I saw that
there is the "show counters" command but all these statistics are
related with traffic sent to the PIX/ASA itself, not traffic passing
through the unit. The upgrade to 8.x is not an option in the moment.
SNMP was investigated as an option but there only a few interesting
values under the CISCO-FIREWALL-MIB and CISCO-UNIFIED-FIREWALL-MIB.
Thanks.
Regards,
Antonio Soares
Hi Antonio,
Commands like
who
show ssh sessions
show asdm sessions
sh conn long all | i Identity.*/22
sh conn long all | i Identity.*/23
sh conn long all | i Identity.*/443 (but this may include webvpn sessions in addition to ASDM, if both are running on the same port) will show the current status but softwares like fireplotter can give you status of session check out the below link for fire plotter hope that helps.
http://www.fireplotter.com/
Ganesh.H