11-04-2014 02:15 AM
Hello,
I am using Cisco ASA firewall for VPN connectivity(site-to-site and client both).
Now a days I am facing packet drop via VPN. Can you please guide me how can I find:
1#Total throughput of VPN tunnels.
2#Bandwidth consumed by each VPN tunnel.
3#Can i analyze traffic/ source ip address who is transferring data through this tunnel.
Your help is really appreciated..
Thanks in advance..
11-11-2014 01:10 PM
Hello,
1. You can find out the throughput of the Site to site using Iperf to define a server and a Client, do a quick transfer and it would tell you the Bandwidth that you are consuming.
On this link you can find how to set up the IPerf:
- http://openmaniak.com/iperf.php
2. You can Analyze the traffuc by source IP address of a host or a whole subnet, the you can extract the capture to a packet sniffer <WireShark>:
For example:
Inside Server IP address: 10.1.1.2
Remote Server IP adress: 192.168.1.2
capture CAP interface inside match ip host 10.1.1.2 host 192.168.1.2
You can see the capture on the Appliance:
- show capture CAP
Then to extract this capture, you do it from the inside of your network on a browser:
https://<ip address of asa>/capture/<capname>/pcap capname-->CAP
For further details of captures you can find it on this link
Let me know if you could get the information you were trying to reach.
Please don´t forget to rate and mark as correct the helpful Post!
David Castro,
Regards,
11-27-2014 08:57 AM
Hello David,
That's fine. My requirement is:
1. Which IP is sending transferring data to which IP.
2. What is the transfer rate.
This is production network. so many IP pools are aleady in place. so it is not possible to map that inside and outside ip and then check, really need some handy command to check in trouble condition.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide