how do I find out about the amount of data going down the line

[picnmix]

Hi I have a Lan to Lan VPN setup between two cisco 501's.
I am getting really heavy traffic down the line but I don't know where it is coming from. How do I monitor what is going on and can I get a log or something. I wanted to use the PDM to see whether it's full from normal usage but It's so busy I can't even HTTP or RDP or anything.

Cheers Russ

 

[Supergrrover]

Run a syslog server (kiwi is free.)

logging on
logging host [interfacename] [ip_address]
logging device-id hostname
logging message level [#0-7 : 7=debug]
logging timestamp
logging buffered notifications


You can also put as ACL that limits outbound traffic from the inside interface to traffic that you explicitly want and a deny ip any any log 4 on the end and see what's going through.


Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[horus42]

You probably need a packet sniffer or if my memory service me right you can use the capture command which captures all data that passes through the PIX device.

You can also use something like ntop, all you need to do is monitor the port where you have the pix connected, the only problem is you will not see a breakdown of the VPN traffic.

Hope that helps