Running an ASA 5500, and using ASDM to connect. I need to view the historical metrics in graph form for traffic overview, that is shown on the firewall dashboard. I have enabled historical data, but all I see the 5 minute intervals.
View 4 RepliesIs it possible to get the result in th event list in the form of graph, ie. like delay,throughput in the form of graph
View 3 Replies View RelatedRunning Asa5510, 8.2.5, with asdm 6.4.5 and I am looking for a graph in asdm that will show me what protocols and internal ip addresses uses the most traffic. Maybe a bit like "Top 10 protected servers under SYN attach". My reason for this is of cause I see a very high traffic pattern from one of my interface during the day and need to identify what is using bandwidth, protocol and source address.
I could use Net Flow feature in the Asa, but it´s not "real time" and forces me to setup a net flow collector. Can 8.2.5 not give me this information with built-in graph/tools?
I am currently using ASDM v6.4 and would like to enable the historic metrics feature to view/produce graphs/tables for interface using the Last 5 days, every 2 hours option. how this will impact performance and storage space on the device?
View 1 Replies View RelatedI am trying to veiw my PIX515e via the ASDM, but I am unable to...Can you review my config and make sure I have everything setup the way it is supposed to?
PIX Version 8.0(4)32
!
hostname pixfirewall
[Code].....
check the traffic produced by different hosts in a local network. In other words: which hosts uses how much of the bitrate.For example: We have a wifi network with four computers connected to. Lets say one is running skype, one is surfing in the internet and both left are just in idle mode. Is there a way to monitor the use of our bitrate such that I could see:"Ahh IP 10 is using 80%, IP 11 is using 10% and IP 12 and 13 are using 5% each on average!"
View 3 Replies View RelatedWe are running a ASA5520 with system image of "disk0:/asa843-k8.bin". I'm also running ASDM ver: 6.4(7)So my question is while I'm in the ASDM on the configuration of the firewall, I'm looking at the Access Rules. When I do a show log on any of the rules that have hit counts on them, it opens up a Real-Time Log Viewer but I don't see any information. It's not showing anything, nothing appears, it just sit's there like it's waiting but no data is coming. Even though if I go back out to all the rules, I can see the hit count incrementing. The same thing happens no matter which rule I pick with hit counts on them.
View 1 Replies View RelatedI am attempting to block outbound traffic for a specific PC on my LAN using the ASDM.
View 2 Replies View RelatedI need to count the bytes for some interesting traffic crossing the firewall in ASA 5500. Packet Capture is so far as I need, cause I only need the number of bytes during a long time for about 3 months (source host - destination host)
capture capin type raw-data access-list cap buffer 33554432 interface inside circular-buffer [Capturing - 33553570 bytes]
I need to get only the exactly amount of "33553570 bytes" The pcap file is not needed
I have two 2911 routers running 15.0(1)M4 in a redundant topology connected to an ASA 5520 firewall running 8.4 version. All gears are running EIGRP. In order to distribute the incoming traffic between the two 2911 routers, I am using 'offset-list out' on them, but in the ASA's routing table I see updates from both 2911 with the same metric, i.e. the offset-list is not working. What are the default metric weights on ASA? How can I change them? I couldn't find any known bug.
View 14 Replies View RelatedIs there a way to view changes made in ASDM before hitting apply button?
View 2 Replies View RelatedHow many of you use GNS3 for ASA 5500 Firewalls along with ASDM? While I am on the subject of GNS3 I had a questions about the new version and the capture feature. I installed the latest version last night with the new live capture features but it seems to be only one way capture. T Is there a way to fix this?
View 3 Replies View Relatednat global entry not showing up in ASDM but it does via CLI see blow, it's a policy NAT.
nat (inside) 5 access-list inside_nat_outbound_4
global (outside) 5 ************-OUTSIDE netmask 255.0.0.0
Global 5 doesnt show in ASDM 6.1 (5) the globals only go up to 3
How to view all network traffic on your router not just your computer? Using wireshark. Window 7 and Ubuntu.Without using any enhancements like airPcap or Turbo cap.
View 4 Replies View RelatedI have been trying to conect a Cisco VPN client through an ASA and it makes the connection but doesn't allow any traffic through. The ASA does have a site to site VPN attached to the outside interface.I suppose the first question is it possible to allow VPN client to connect through an ASA 5500 from the inside network when there are Site to Site VPN's already attached to the outside interfaces?If possible then what have I missed. I have tried adding NAT exempt for the traffic between the internal networks and "an IPSEC pass thru Inspect Map".
View 4 Replies View RelatedI would like to have a view of ip traffic on NX7000 as I am used on 6509 OIS, running the above commands: [code] Finding something like on 7000 ?
View 2 Replies View RelatedI have a Belkin G router F5D7230-4 (firmware version 8.01.07) and am trying to view stats on what is using our connection.We have a very low capacity, rural wireless broadband that our ISP tells us is maxed out all the time, even when we don't appear to be using any devices, so I'd like to view the traffic on our DHCP client list to see which device is using an excessive amount of bandwith and put a limit on its access.I don't see a statistics tab on the setup page, is there another place to look or does Belkin have an external program to do this?
View 1 Replies View RelatedI've got a Cisco 2504 wireless controller, and I'd like to rename the AP name in the overview (at Monitor > AP's > Radios) so that I know which unit is placed where and hence be able to troubleshoot more easily.I haven't found any info about this, and usually that means it's not an option, right? I realise the AP name field comes from the device itself, but it seems impossible to rename the device too since I'm running on lightweight, correct?
View 9 Replies View RelatedI restored the HA pair back to Active/Standby.
1 remaining issue.
I have 3 IPsec Site-to_SIte tunnels.
I noticed that when the NEW UNIT becomes ACTIVE that I am unable to pass traffic over the VPN tunnels.When I failback I am able to pass traffic.
I am getting drops in MRTG graph. Pgm nhiPoller[Net]: Received large delta from 'hyd-rt3845-01-GigabitEthernet0/1'. Poll is dropped (OID in error is ifInOctets. Delta is 3989641522. Old value is 4239690170. Current value is 3934364396.).
[Code]...
What could be the reason for the polling drops and is it IOS bug.
I have a Nexus 5500 which is the core of our network and we have access layer switches uplinked to it. I know by default the qos markings will be trusted.
1. On a trunk uplink from an access layer switch to the Nexus, I have "mls qos trust dscp". Will the DSCP marking be preserved when it reaches the Nexus?
2. How do I do prioritization of voice traffic on an uplink on Nexus based on DSCP EF?
We are currently monitoring approximately 50 locations each having one or more cisco devices, Catalyst 3750 and 3560.Locations are connected via CWDM.We would like to monitor interface errors, signal loss and power on CWDM SFP transceivers on Catalyst 3560 and Catalyst 3750 switches. We tried to get these values (as shown using „sh interface transceiver“ command) using SNMP but we didn't get any SNMP result. What MIB or other functions/ modules/ features need to be used/activated on switch?Do we need any additional piece of hardware?
View 25 Replies View RelatedRegion : India
Model : TL-WR740N
Hardware Version : V4
Firmware Version : 3.12.11 Build 120320 Rel.51047n
ISP : BSNL
how to get a graph of the router statistics like upload and download speeds - both total and per device? Something like MRTG. The closest I came to getting data from the router was with RouterStats-Lite, but I was unable to get it to work.
=>Routing Protocol in Question EIGRP.
=>Two equal metric routes for destination A(through R1 and R2-SVIs on two upstream 6500s)
Traceroute Output, is the output that alternates between 1.1=>10.1=>1.1 normal granted the two routes are "equal metric routes for the same routing procotol in use" or is that "round robin behavior" indicative of a routing problem?
I would like to configure an ASA5512-X in firewall transparent mode, but I am having trouble getting ASDM to lauch when I do.
I have created a BVI interface with an IP address, and I hve enabled the mangement interface, but ASDM does not lauch when I enter the IP adress of the BVI I created.
Apprently you need to use the bridge-group command to assign an interfce to a bridge group. When I enter this command at the (config-if) prompt for Management 0/0, this command is not recognized.
What are the general steps for configuring the management interface to be able to launch ASDM in transparent mode?
I would just like to to open UDP port 123 in the ASA 5510 Firewall so that our Primary Domain Controller could use this port to sync time with an external time source. We have already added an access rule for this port under the firewall configuration in ASDM 6.4 and this port was also allowed in the inbound and outbound rule of the PDC's Firewall but it seems that it was still blocked.
View 23 Replies View RelatedI have an ASA 5510 in a live environment. Up til a short while ago I could access this via the ASDM and ssh. However I can no longer connect to it via eithier. When I access It via SSH I get a disclaimer saying the following
*** You have entered a restricted zone! Authorized access only!!! Disconnect immediately if you are not authorized user! ***
It then cuts me off.
When I try to access the ASDM I get the following
The firewall is running all its services without a problem and I can ping the device without any issues. Also none of the config (to my knpowledge has been changed). I set up a console session and http server enable is still there with
http 192.168.200.0 255.255.255.0 inside
Can any ASA 5500 in particular the ASA5510 firewall support jumbo frames (i.e. greater than the default standard 1500 Bytes frames)?. I plan to use the ASAs to setup a point-to-point IPSec tunnel and need an Application frame of 4Kbytes intact and not segment it.I have done little checking on the Cisco Website and see it mention of Jumbo frames on the 5580 on 10Gig interface but didn't see mention 5510. 5580s are way over-kill and expensive for what I need is to run a mission critical one IPSec point-to-point with maximum of no more than 100Kbps so 5510 is perfect for me but not sure if it can carry the jumbo frame?
On the routers and switches it's the MTU settings and they are configurable per interface and I am OK and the circuit is T1 which the Telcos said it's OK since it's physical layer so the only unkown is the firewall.
I have a ASA 5515-X-IPS firewall and I want to communicate firewall through ASDM-IDM. Already done the below procedure;
•1. Connect cable to Management port.
•2. Open browser and type https://192.168.1.1/asdmin and download the ASDM-IDM Launcher v1.5(55) and install my laptop(OS: windows 7)
•3. Connect asdm-idm launcher we put IP Address: 192.168.1.1 and username, password enter.
Just whenever we login the wizard then the message shown “ Unable to connect the asdm manager”For your kind information we already setup jre6u7 java software.
I purchased the license P/N: ASA-CSC20-250U-1Y with Description: ASA 5500 CSC-SSM-20 250-User License Only Renewal (1-year)
But I had a mistake because I need support to 500 users. Now, to solve my mistake I want to know Do I can purchase another ASA-CSC20-250U-1Y to provide the 500 users suppor?
I mean, ¿are two (2) ASA-CSC20-250U-1Y equivalent to the 500 user license listed below?P/N, ASA-CSC20-500U-1Y with Description: ASA 5500 CSC-SSM-20 500-User License Only Renewal (1-year)
I have a functioning site-to-site VPN between two ASA 5505 appiances. Sub-net on one side is 192.168.20.0/24 (inside I/F) and on the other side is 192.168.30.0/24 (inside I/F). VPN is built over public Internet (outside I/Fs of those two ASAs).
Now I connected another subnet on 192.168.30.0/24 - e.g. 192.168.35.0/24. Traffic from 192.168.30.0 subnet is routed to 192.168.35.0 via Gateway at 192.168.30.250 IP.
My task is to make packets from 192.168.20.0 subnet to go to 192.168.35.0 subnet and vice versa.
I setup a static route on 20.0 ASA's Inside interface as 192.168.35.0 255.255.255.0 to 192.168.30.250. I also created NAT examptions for outbound packets from 20.0 to 35.0 and inbound as well. I also added destination network of 35.0 to VPN cryptomap traffic selection (on both ASAs).
I am trying to setup 4 cameras to view with remote live view. I set up my server with IP addresses of 192.168.1.80 .... 85. The screen has only the option for 1 video channel. I have seen on-line screen shots that have options for channel 1 through 8. I want to assign each camera to a different channel so I will be able to use remote live view to show all 4 cameras at the same time. I can only show one at a time. Do I need a different version than 3.3 or some obscure windows 7 setting?
View 5 Replies View RelatedIs it configurable to allow wifi user to user traffic on WLC 5508?
View 4 Replies View Related