Cisco Firewall :: ASA5510 / How To Document The Networks Bandwidth Utilization

Mar 20, 2013

I have been assigned to find out the nature of the network's bandwidth utilazation. Is there a way to analyze traffic and breakdown the traffic on the ASA5510?

View 9 Replies


ADVERTISEMENT

Cisco Firewall :: PIX515E - Internal Nodes / Bandwidth Utilization?

Jan 13, 2013

The infrastructure has PIX515E as the Firewall and few Web Servers and Database Servers inside. Is it possible to retreieve information regarding the bandwidth available at the outside interface of PIX (Internet link utilization ) utilized by each of the nodes seperately? I could use SNMP to get the overall data transfer at the Outside interface of PIX but isit possible to get utilization details of individual nodes ? Is Netflow an option ?

View 10 Replies View Related

Cisco Firewall :: ASA5510 VPN Bandwidth Calculations

Mar 14, 2012

Were running an ASA5510 with multiple IPSEC VPN clients over a 100Mb leased line. At the moment we have about 10 active clients however we are looking at gearing up to about 100 clients.Question is, is there a known method for calculating the required bandwidth for this number of clients or indeed obtaining metrics from already connected clients with this calculation. We have tried a few monitoring products, most notably Solar winds, however none of the products we have tried seems to be able to give us the throughput of the individual VPN connections to assist with our calcs....

View 1 Replies View Related

Cisco Firewall :: ASA5510 - Connect Two 10.10.10.x Networks Using NAT

Dec 26, 2012

I've got an ASA5510 with an IPS/IDS module.  Because of a merger, I've got two 10.10.10.x networks (West and Central).   I'd like all West traffic to be IPS checked before going into Central.  Once it goes into Central, it's out of my hands.   Can I set up NAT to accomplish this?
 
Again, the traffic flow would be from West (10.10.10.1) through the ASA/IPS, and then to Central (10.10.10.1).  
 
Is this possible?  If not, do I need another router?

View 6 Replies View Related

Cisco Firewall :: How To Allocate Bandwidth In ASA5510 Using ASDM

Nov 3, 2012

How to allocate bandwidth for a certain host or service in Cisco ASA 5510 Firewall using ASDM? For instance, I would like to dedicate 2MB for H323 service (Video Conference Call).

View 1 Replies View Related

Cisco Firewall :: ASA5510 - Connect 2 Internal Networks

Apr 26, 2011

We recently got a Cisco ASA 5510 Security Appliance and I have some general question.

We have 1 T1 internet connection, and we have 2 internal networks.  These 2 internal networks currently hav access to the internet.  I am having issues with the 2 internal networks being able to communicate with each other.

View 2 Replies View Related

Cisco Firewall :: Significant Upload Bandwidth Decrease With ASA5510

Feb 25, 2013

They have an ASA-5510 with version 8.2(5).  They just upgraded their Internet bandwidth to 30 Mb both ways.If we do a speed test in front of the ASA, we get 28 Mb/s upload and download, with a ping of about 5 to 10 ms.If we go behind the ASA, the download is about the same, the upload is decreased to about 12 Mb/s and the ping goes to 260 ms The license is base, there are no additionnal function added to the firewall (no IPS).  I've check the speed and duplex and everything is fine.There are no drops on the interfaces or rules of the firewall, no drops on the Interface of the ISP router either. All interfaces are configured at 100Mb full duplex.I saw a couple of discussions on this in the forums, but they don't seem to come up with anything and they look like they end in the middle of the whole story, like once the problem is solved, they don't update their discussion.

View 6 Replies View Related

Cisco Firewall :: Two Private Networks On ASA5510 With Default ISP Gateway?

Mar 11, 2013

Currently a network consists of two subnets, one subnet is behind a ASA and the other behind a PIX, both connecting to the ISP's routers. If the PIX is retired, is it possible to create/consolidate the two networks protected by the ASA5510 with the default gateway being the ISP?
 
How can two private networks be protected by the ASA5510? One conceptual way is to create the VLANS on a layer 3 switch, on the "inside" interface of the ASA. In this senario what would the "inside" network's IP address?  If the above is possible, how would natting occur?
 
Is there an efficient configuration to protect two networks protected by the 5510, other than creating a DMZ?
 
Is it possible to create two private networks with same level of security, 100 on a three network interface connections?

View 12 Replies View Related

Getting High Bandwidth Utilization

Sep 18, 2011

I am working as net admin which is i need to monitoring and manage my workplace network( education center )I got a few question about network traffic flow. Here is the issued.I got high bandwidth utilization so high after office hours which is only on night. as we know, after office hours there is no person at the office but the traffic flow on bandwidth utilization is high.what are the possibilities of this issued?

View 1 Replies View Related

How To Measure Bandwidth Utilization

Feb 15, 2011

How to find bandwidth utlization and who consumed bandwidth lot.? Basically ,I would use speedtest.net for speedtest and will ask from ISP for bandwidth utilization.

Is there any way that to measure bandwidth utilization and who consumed lot based on IPaddress?

View 1 Replies View Related

Cisco :: Bandwidth Utilization On Topology Diagram Of LMS 4.2?

Feb 12, 2013

I am running LMS 4.2 , using that i am monitering some switches . I am using topology services also. In that i am getting veiw of all connected devices with links. But bandwidth utilization is for those links are not showning in topology veiw .
 
Is there any settings to be done in LMS 4.2.2 or any configuration changes to done on my switches ?  to find the traffic flow  bandwidth utilization.

View 1 Replies View Related

Cisco Firewall :: 5505 - Unexpected Error Following PAT Example Document ASA 8.3

Apr 7, 2011

I use a CISCO ASA 5505 with ASA 8.3. Everything works fine, but when I type the following line I get an error message:

nat (inside,outside) source dynamic OBJ_SPECIFIC_192-168-1-0 10.1.5.5ERROR: 10.1.5.5 doesn't match an existing object or object-groupI even tried to create the missing object but it did not work. The document also explains how to use ASDM for this configuration. It seems that there an object 10.1.5.5. is created.

This is the output of "show running-config":

ASA Version 8.3(1) !hostname ciscoasaenable password 8Ry2YjIyt7RRXU24 encryptedpasswd 2KFQnbNIdI.2KYOU encryptednames!interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 !interface Vlan2 nameif outside security-level 0 ip address 10.1.5.1 255.255.255.0 !interface Ethernet0/0 switchport access vlan 2!interface Ethernet0/1!interface Ethernet0/2! interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!ftp mode passiveobject network obj_any subnet 0.0.0.0 0.0.0.0object network

[code]....

View 1 Replies View Related

Cisco VPN :: 5520 - Monitoring IPSec Tunnel Bandwidth Utilization

Sep 8, 2011

We have a Cisco ASA 5520 supporting multiple VPNs - both remote-access  and Lan-to-Lan.  We would like to monitor the bandwidth utilization of the IPSec Lan-to-Lan tunnels.

View 3 Replies View Related

Cisco :: Using SNMP To Monitor Bandwidth Utilization History ASA 5510

Dec 22, 2008

I matched the traffic statistics on one of my Cisco ASA site-site tunnels with the OID:1.3.6.1.4.1.9.9.171.1.4.3.1.1.25.4142 (cipSecTunHistInOctets).  I was real proud of myself for a few days until I checked the history and found the OID wasnt working.After some troubleshooting I found that the last four digits (4142 in this case) change whenever the tunnel drops and re-establishes itself. Any way to collect tunnel utilization history on an ASA with SNMP?  Is there a different OID I can use thats based on the endpoint IP?

View 2 Replies View Related

Cisco Switching/Routing :: 3750Gs / MRTG Bandwidth Utilization Not Same As Sh Interface

Dec 19, 2011

The other day  3rd party supplier ran some stats on our Gigabit link between 2  Cisco catalyst 3750Gs.now the graphs produced showed only a Maximum output of about 100Mbps ( 5 minute intervals) yet when I do a show interface it shows a lot more always 150Mbps and more. So I did my own Perl script  doing an "sh interface" every minute and then graphed it, and the results were a lot different to the MRTG results.Questions: I know MRTG uses SNMP  to get the traffic  is there a bug in the SNMP, what OID does it use?does the "sh  interface" give the correct results?

View 2 Replies View Related

Cisco WAN :: Aironet 1240AG - Setup Guest Network That Is Secure And Limited In Bandwidth Utilization?

Jan 27, 2013

I have a Cisco Aironet 1240AG Access Point and I am trying to setup a guest network that is secure and limited in bandwidth utilization. I see an option under security > SSID Manager on the web interface to select an interface of Radio0-802.11G, Radio1-802.11A or both. Can I put the guest network on the Radio1-802.11A and make it more secure/bandwidth limited or does this option not matter?

View 3 Replies View Related

Cisco WAN :: Limiting Incoming Bandwidth On ASA5510

Feb 6, 2012

I have a Cisco ASA5510 with two Cisco Catalyst 3560G switches plugged into it. Then I have 2 Cisco1400 Aironet WAPs plugged into the switches.
 
My goal is to limit incoming bandwith for two specific vlans. So users who are plugged into the switch or connected to the wifi can't go bandwidth crazy.
 
The rule I currently have setup on the ASA5510 is limiting internal bandwidth, I know shame on me.
 
So how do I setup a rule on the ASA5510 that will limit users external traffic on vlans without limit internal lan traffic?

View 5 Replies View Related

Cisco VPN :: ASA5510 WebVPN Access And Browse Networks

May 4, 2012

I'm configuring an asa device for web access: SSL VPN service. I can have a user authenticate for web session with their active directory domain credentials (username and password). Once their web session has started, moving to the "browse networks" feature for a share viewing requires them to authenticate once again - "authenitcation required". I'd like to configure the device so that authenticating to the windows file share will be attempted using the previously entered credentials.

View 2 Replies View Related

Cisco Firewall :: Difference ASA5510-BUN-K9 And ASA5510-Sec-Bun-K9

Jun 6, 2012

ASA 5510 have two model Bun-K9 and Sec-Bun-K9 from the datasheet find out difference Port related and Redundancy. My questions is : Have any major difference for Security service between two model ?

View 3 Replies View Related

Cisco Firewall :: ASA 5520 CPU Utilization Is 100 %

Sep 27, 2011

We have configured 20 route in ASA 5520. The CPU usage goes to 100 % at the moment when we add a specific route.route inside 10.254.101.0 255. 255. 255.0 10.254.102.254 1.This is the same case when we add this route at the first cli or as the 10th cli or the 21 cli (errespective of the position of cli) There is an another route out of which 20 routes we have configured is route inside 10.254.103.0 255.255.255.0 10.254.102.254 1.The normal case if we dont add the problamatic route , then the CPU utilization is only 2 %.

View 1 Replies View Related

Cisco Firewall :: 3015 - CPU Utilization

May 28, 2011

We have a VPN concentartor which is having few VPN and doing  NAT (Static and PAT) as well. One of our customer has added huge number  of serves so we have to do hundreds of static and PAT rules.we have  really large number of customers which are growing and do so the NAT in  VPN concentartor.
 
I am bit concern and want to know what will be the best way to check that how my VPN concentartor is doing .As we all know its a GUI i try to check few stuff but couldnt get any info.... the model number is 3015.

View 3 Replies View Related

Cisco Firewall :: PIX 501 - Memory Utilization?

Jul 6, 2011

I've deployed many Cisco PIX 501 v6.3.3 either as normal firewalling feature and/or with VPN features enabled. I noticed in all my deployments, regardless if it's during peak hours or after office hours, the memory utilization is always consistent 11MB utilized over the total of 16MB(memory default size).

View 3 Replies View Related

Cisco Firewall :: High CPU Utilization On ASA 5550?

Mar 10, 2013

I have Active Standby ASA5550 setup with VPN premium license. A few days back we had a requirement of SSL VPN connection for and we got a temporary from Cisco for same, this license expired and the ASA reverted to it's original license. 3 4 days after this we saw a sudden increase in CPU utilization (upto 90% + -5%) on the ASA during production hours but were not able to figure out the reason, in order to restore the services we failovered the firewall to secondary and everything worked fine. We were suspecting one of the following but there were no logs for any of this
 
1. The ASA hardware was haivng problem

2. Some client was doing a DoS attack to bring down the ASA (no logs for this as well).
 
We took a downtime to look further by failovering the ASA back to primary and it worked fine without any issues ruling out the 1st option. We also came across a licesing doc [URL]
  
Downgrading any license (for example, going from 10 contexts to 2 contexts).
 
# Note If  a temporary license expires, and the permanent license is a downgrade,  then you do not need to immediately reload the security appliance; the  next time you reload, the permanent license is restored.
  
As per this doc, sooner or later a restart was required on the ASA. We restarted secondary ASA and everthing was fine but when we restarted the primary ASA by swtiching over to secondary some of the server (not all) in the DMZ stopped working (even ICMP unreachable) and only came back to normal when the primary ASA was restored and working fine (with failover).
 
The reboot was done by shuting down the physical link between the Core switch and ASA inside individually.
 
I am not sure what could be the issue that the servers in the DMZ wen unreachable.

View 0 Replies View Related

Cisco Firewall :: High CPU Utilization On ASA 5540

May 11, 2008

I have a remote site customer with a Cisco ASA 5540 running SSLVPN (Anyconnect)(8.03). It currently only serves about 450 SSLVPN clients. Since last friday, they've seen the CPU utilization go up to high 90% while only serving 400+ remote users. I saw some high cpu utilization bugs, but none looked to be relevant. How I can find the root cause of the CPU high utilization?

View 2 Replies View Related

Cisco Firewall :: High CPU Utilization - ASA 5520

Dec 22, 2012

we have ASA 5520 with IOS 8.0 , when i am trying to add more static routes on the inside interface the CPU utilization is going up. one faced the same issue. I am configuring through the cisco ASDM 6.1(3)f.

View 1 Replies View Related

Cisco Firewall :: High Cpu Utilization On Pix 515E?

Aug 9, 2012

I am facing high CPU util on my pix 515 E which is in failover mode.During peak hours the util is see rising to 60% where as in off peak hours it is normally12%.
 
During normal operation the average utilisation was observed to be 30% but suddenly from 2/3 days it is constantly 60% doule the value as earlier. Have gone through the logs and traffic but not able to tarce anything particular
 
below is the o/p of some command taken for analysis
 
IOS version 8.0(4) 
sh cpu usage
CPU utilization for 5 seconds = 51%; 1 minute: 61%; 5 minutes: 58%
sh cpu usage

[Code]......

View 1 Replies View Related

Cisco Firewall :: ASA 5520 Memory Utilization Over 799%

May 2, 2013

I was looking at my CISCO ASA 5520 and i found something really strange
 
ciscoasa/VPN-context# sh mem detail
Used memory:      4259249568 bytes (793%)
-------------     ----------------
Total memory:      536870912 bytes (100%)
 
but when I look at the system context this is what I see
 
ciscoasa# sh mem
Free memory:       170829000 bytes (32%)
Used memory:       366041912 bytes (68%)
-------------     ----------------
Total memory:      536870912 bytes (100%)
 
As far as I know the ASA is working good.
 
Info of the device
Hardware:   ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

View 3 Replies View Related

Cisco Firewall :: Memory Utilization On 5510?

Nov 21, 2012

Just want to check with you about memory utilization on the Asa 5510 ..
 
Free memory: 19%
Used Memory: 81%
 
Is this normal? Because we hade a problem this morning and the memory was at 100%.. 
 
Device Manager version 6.1(5) 57 
Hardware:   ASA5510-K8, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

View 4 Replies View Related

Cisco Firewall :: High Cpu Utilization On ASA 5520?

Sep 25, 2012

I am seeing high cpu utilization on 5520.
 
fw# sh processes cpu-usage sorted non-zero
PC         Thread       5Sec     1Min     5Min   Process
0x081e1e11   0x6ddc1528   70.6%   66.5%   66.0%   Dispatch Unit
0x08ed170c   0x6ddb9b48     1.6%     1.7%     1.8%   Logger
0x08dd5f2c   0x6ddafee0     1.5%     1.5%     1.5%   SNMP Notify Thread
0x08e8d045   0x6dd99348     0.1%     0.1%     0.1%   ssh

View 2 Replies View Related

Cisco Firewall :: CPU Utilization When Running Two Syslogs ASA5550

Mar 3, 2011

I want to run two syslogs, one to Loglogic for compliance and the other to Solarwinds for network administration. Currently the firewall is setup for just the one syslog device. If I add an additional device ie further IP in the config for the Loglogic box will there be any noticeable differences in the performance of the firewall, does affect the cpu utilisation, or memory in any way.  

View 1 Replies View Related

Cisco Firewall :: PIX525 Sudden High CPU Utilization?

Feb 22, 2013

Would like to ask for everyones assistance with regards to the problems we are encountering on our PIX525 firewall. Our encountered problem is as follow."PIX 525 experience sudden high CPU utilization every time a Vulnerability System Scan (third part app) is conducted. Based on the previous experiences, the high CPU utilization where experience when a host on a particular VLAN (214) is being scanned. Whenever we removed the said VLAN (214) in the network the CPU utilization of PIX 525 comes back to normal and all connectivity were resumed."The problem just recently appeared, we are conducting vulnerability system scan before and it goes successfully.

View 5 Replies View Related

Cisco Firewall :: Very High Memory Utilization In PIX 515e?

Feb 15, 2012

We had two PIXes in our environment and working as a active-failover mode. Its noted in now a days the active PIX memory utilization is 98% and for standby PIX it is 96%. And also in some times we were experiencing packet loss to the ip of active PIX and which reflects in the inside servers access also. During that time the active pix was not accessible via ssh as well as ASDM. We have tried reloading the PIX and changing failover state of the PIX, but it results only a temporary solution. Current memory installed is 128 MB (maximum upgraded), so a upgrade is also not possible. Please see the show command outputs from the PIX. Current Software version is 7.2(4)
 
sh memory output (PIX 1 - active)
 Free memory:         4850944 bytes ( 4%)
Used memory:       129366784 bytes (96%)

[code]....
 
1) How we can pin point the root cause of this high memory utilization?

2) What might be the reason for the high memory utilization for the standby pix (96%), still the PIX is in idle state?

3) Is it a hardware issue or a memory leak issue, then how can we find out?

4) Is a software upgrade to new version resolves the memory issue?

View 10 Replies View Related

Cisco Firewall :: 6509 - High Utilization On Core

May 22, 2012

We have a 6509 core with the below modules running for a long time and the utilization used to be always 10 to 13 percent checking with the supplier it was told to us that due to the firewall modue we have and its normal Now 2 days back i noticed the utilzation had jumped to 90 % and now it happened again
 
I see that on runnung proc cpu
 
16407    56.1%   56.5%    55.9% ios-base
 
16430    35.3%   35.2%    33.9% iprouting.iosproc  
 
the modules present
 
Mod Ports Card Type                              Model              Serial No.--- ----- -------------------------------------- ------------------ -----------  1    6  Firewall Module                        WS-SVC-FWM-1       SAD140901XA  3   16  16 port 1000mb GBIC ethernet      

[Code].....

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved