Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > monitoring VPN clients on PIX

Reply
Thread Tools

monitoring VPN clients on PIX

 
 
tejlor
Guest
Posts: n/a
 
      05-27-2004


Hello,

I would like to monitor connected VPN IPsec clients on PIX515E with some
GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?

tnx


--
regards,
tejlor
 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      05-27-2004
In article <Hgltc.3809$(E-Mail Removed)>,
tejlor <(E-Mail Removed)> wrote:
:I would like to monitor connected VPN IPsec clients on PIX515E with some
:GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?

What kind of monitoring did you want to -do-? The PIX does not make
very much information about VPNs available via SNMP (virtually none
in fact); there might be more available via PDM.

--
Tenser, said the Tensor.
Tenser, said the Tensor.
Tension, apprehension,
And dissension have begun. -- Alfred Bester (tDM)
 
Reply With Quote
 
 
 
 
tejlor
Guest
Posts: n/a
 
      05-31-2004
Walter Roberson wrote:

> In article <Hgltc.3809$(E-Mail Removed)>,
> tejlor <(E-Mail Removed)> wrote:
> :I would like to monitor connected VPN IPsec clients on PIX515E with some
> :GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?
>
> What kind of monitoring did you want to -do-? The PIX does not make
> very much information about VPNs available via SNMP (virtually none
> in fact); there might be more available via PDM.
>



I would like to monitor which VPN IPsec klient is connected at the moment..


--
regards,
tejlor
 
Reply With Quote
 
Walter Roberson
Guest
Posts: n/a
 
      05-31-2004
In article <HFEuc.4065$(E-Mail Removed)>,
tejlor <(E-Mail Removed)> wrote:
|> In article <Hgltc.3809$(E-Mail Removed)>,
|> tejlor <(E-Mail Removed)> wrote:
|> :I would like to monitor connected VPN IPsec clients on PIX515E with some
|> :GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?

|I would like to monitor which VPN IPsec klient is connected at the moment..

I have just done some investigating, and the answer appears to be NO,
that it is not possible to monitor that information.

If you use PDM, you can examine the current IPSEC SA's in detail.
That will allow you to see the IP addresses involved in any EZ VPN
connection. However, the IPSEC SA's on the PIX do not keep a record of
which vpngroup was involved -- no groupname for example. The PIX
does not, as of 6.3(3), appear to have any way to show which vpngroup
are currently active. Besides, vpngroup are *groups* -- you would
normally have several sites connecting using the same vpngroup name
and password, and then authenticating particular users. The PIX does not
appear to have a mechanism for displaying currently authorized
VPN Client users.

--
"Infinity is like a stuffed walrus I can hold in the palm of my hand.
Don't do anything with infinity you wouldn't do with a stuffed walrus."
-- Dr. Fletcher, Va. Polytechnic Inst. and St. Univ.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
easy vpn IOS - vpn clients cannot acces another network behind nat teodor General Computer Support 0 08-20-2009 11:51 AM
Cisco VPN clients unable to connect to 3725 VPN server S Reese Cisco 0 01-18-2008 06:44 PM
site-to-site VPN tunnel with remote VPN clients David Mitchell Cisco 0 06-21-2006 03:07 PM
VPN PIX-_static PIX ; PIX-dynamic_PIX ; VPN Client Svenn Cisco 3 03-13-2006 09:25 AM
PIX to PIX VPN and VPN Client to PIX Config Example? GVB Cisco 1 02-06-2004 07:44 PM



Advertisments