Solved: Commands to check Capacity/Bandwidth between Site to Site VPN Tunnel

Pushpendra Yadav · ‎08-19-2013

Hi,

How can we check Capacity/bandwidth between End A to End B of site to site VPN tunnel.

Marvin Rhoads · ‎08-19-2013

You can't very easily. The capacity and bandwidth depend not just on your end devices but on a lot of devices and paths between them that you have no control over or visibility into.

You can "show traffic" or report on interface utilization using any common performance management tool (Cacti, What's Up Gold, SolarWinds NPM, Cisco Prime LMS, etc.). Those usually don't distinguish between overall interface traffic and that due to VPNs. If you export Netflow data from the ASA you can break it down by remote IP and derive the VPN usage from that. Netflow records need to be exported into t tool like ntop, SolarWinds NTA or Prime LMS or Infrastructure to be useful.

Cisco Security Manager will query the VPN statistics periodically and allow you to track individual VPNs or users by collating a bunch of queries it does on an ongoing basis.

View solution in original post

Marvin Rhoads · ‎08-19-2013

You can't very easily. The capacity and bandwidth depend not just on your end devices but on a lot of devices and paths between them that you have no control over or visibility into.

You can "show traffic" or report on interface utilization using any common performance management tool (Cacti, What's Up Gold, SolarWinds NPM, Cisco Prime LMS, etc.). Those usually don't distinguish between overall interface traffic and that due to VPNs. If you export Netflow data from the ASA you can break it down by remote IP and derive the VPN usage from that. Netflow records need to be exported into t tool like ntop, SolarWinds NTA or Prime LMS or Infrastructure to be useful.

Cisco Security Manager will query the VPN statistics periodically and allow you to track individual VPNs or users by collating a bunch of queries it does on an ongoing basis.