monitoring VPN clients on PIX

Discussion in 'Cisco' started by tejlor, May 27, 2004.

  1. tejlor

    tejlor Guest

    Hello,

    I would like to monitor connected VPN IPsec clients on PIX515E with some
    GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?

    tnx


    --
    regards,
    tejlor
    tejlor, May 27, 2004
    #1
    1. Advertising

  2. In article <Hgltc.3809$>,
    tejlor <> wrote:
    :I would like to monitor connected VPN IPsec clients on PIX515E with some
    :GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?

    What kind of monitoring did you want to -do-? The PIX does not make
    very much information about VPNs available via SNMP (virtually none
    in fact); there might be more available via PDM.

    --
    Tenser, said the Tensor.
    Tenser, said the Tensor.
    Tension, apprehension,
    And dissension have begun. -- Alfred Bester (tDM)
    Walter Roberson, May 28, 2004
    #2
    1. Advertising

  3. tejlor

    tejlor Guest

    Walter Roberson wrote:

    > In article <Hgltc.3809$>,
    > tejlor <> wrote:
    > :I would like to monitor connected VPN IPsec clients on PIX515E with some
    > :GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?
    >
    > What kind of monitoring did you want to -do-? The PIX does not make
    > very much information about VPNs available via SNMP (virtually none
    > in fact); there might be more available via PDM.
    >



    I would like to monitor which VPN IPsec klient is connected at the moment..


    --
    regards,
    tejlor
    tejlor, May 31, 2004
    #3
  4. In article <HFEuc.4065$>,
    tejlor <> wrote:
    |> In article <Hgltc.3809$>,
    |> tejlor <> wrote:
    |> :I would like to monitor connected VPN IPsec clients on PIX515E with some
    |> :GUI. Is it possible with PDM or CiscoWorks or CiscoWorks VMS?

    |I would like to monitor which VPN IPsec klient is connected at the moment..

    I have just done some investigating, and the answer appears to be NO,
    that it is not possible to monitor that information.

    If you use PDM, you can examine the current IPSEC SA's in detail.
    That will allow you to see the IP addresses involved in any EZ VPN
    connection. However, the IPSEC SA's on the PIX do not keep a record of
    which vpngroup was involved -- no groupname for example. The PIX
    does not, as of 6.3(3), appear to have any way to show which vpngroup
    are currently active. Besides, vpngroup are *groups* -- you would
    normally have several sites connecting using the same vpngroup name
    and password, and then authenticating particular users. The PIX does not
    appear to have a mechanism for displaying currently authorized
    VPN Client users.

    --
    "Infinity is like a stuffed walrus I can hold in the palm of my hand.
    Don't do anything with infinity you wouldn't do with a stuffed walrus."
    -- Dr. Fletcher, Va. Polytechnic Inst. and St. Univ.
    Walter Roberson, May 31, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. GVB
    Replies:
    1
    Views:
    2,806
    Martin Bilgrav
    Feb 6, 2004
  2. Svenn
    Replies:
    3
    Views:
    725
    Svenn
    Mar 13, 2006
  3. David Mitchell
    Replies:
    0
    Views:
    805
    David Mitchell
    Jun 21, 2006
  4. S Reese
    Replies:
    0
    Views:
    831
    S Reese
    Jan 18, 2008
  5. teodor
    Replies:
    0
    Views:
    1,515
    teodor
    Aug 20, 2009
Loading...

Share This Page