How to count bytes from IPSEC?

Discussion in 'Cisco' started by ilya, Dec 21, 2004.

  1. ilya

    ilya Guest

    ilya, Dec 21, 2004
    #1
    1. Advertisements

  2. ilya

    CiscoDude Guest

    Hi,
    You can use for example MRTG to poll the router via SNMP and then
    select the virtuel
    Tunnel you created in the router this will show you all the traffic.
    If you select the physical interface you see the same + the encrypition
    overhead.

    Works great !
     
    CiscoDude, Dec 21, 2004
    #2
    1. Advertisements

  3. ilya

    ilya Guest

    Thank for yor reply. I`m using MRTG.
    But what OID I cat use to show vpn-traffic? I don`t use tunnel
    interface.
    Example of my configs:

    crypto isakmp policy 1
    hash md5
    authentication pre-share
    crypto isakmp key key123 address 2.2.2.3 no-xauth
    crypto ipsec transform-set notstrong esp-des esp-md5-hmac
    crypto map office 1 ipsec-isakmp
    set peer 2.2.2.3
    set transform-set notstrong
    match address 102
     
    ilya, Dec 21, 2004
    #3
  4. ilya

    Hansang Bae Guest


    Older IOS are sorely lacking in terms of IPSec monitoring
    capabilities. We requested a bunch of stuff to be added and Cisco
    added them into 12.2(18)E5 (I think that was the right one). But
    alas, we ran into some crypto bugs where the SAs would not negotiate
    properly so Cisco's looking into it.


    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    ********************************************************************
    Due to the volume of email that I receive, I may not not be able to
    reply to emails sent to my account. Please post a followup instead.
    ********************************************************************
     
    Hansang Bae, Dec 22, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.