cisco traffic monitoring
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: cisco traffic monitoring

  1. #1
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325

    cisco traffic monitoring

    I have been playing with my cisco router for as long as I've had them.

    I haven't found a good way to monitor traffic though. Sure, I can put a sniffer before/after the router... but I wanted to do it through the router. Is that possible?

    I know I can show nat translations...

    sh ip nat tran

    But can I show the traffic/protocols in realtime?

    I'm just using a cisco router, not a PIX.

    On PIX, they have a show connections command... which is basically what the sh ip nat tran command does.. but I'm looking for something more informative.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    Start Syslog, set up an off-router repository for the logs. Easy as pie.

    -edit: Dammit, I should have asked the obvious question. What model router and what IOS version are you running. I just noticed under your name it says you got an 831. I don't know if the SOHO routers support logging.

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    I do have logging going to a syslog server. I'm running IOS 12.3.8T (I know there are updates...)... So, basically log everything? That won't give me packet dumps or anything, just connections/ports... I suppose I could do that...

    Right now I'm only logging firewall denied... not permitted.

    I suppose I'm asking too much from it. If it had to sniff/log all traffic... I'd probably be at the speeds of dial up when I'm done.

    I might just put the sniffer back on the inside of the router...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    HT has a good solution:

    One good way to do a packet dump on a Cisco is:

    router(config)#access-list 199 permit ip

    router(config)#access-list 199 permit ip

    router(config)#end
    router# debug ip packet 199 dump

    E.g.

    access-list 199 permit ip host 192.168.0.1 any
    access-list 199 permit ip any host 192.168.0.1

    Will dump packets destined to and from 192.168.0.1.
    Thats one smart focker right there.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    It's very dirty but can you run your traffic through a Linux box running IPTRAF?

    Your PIX can graph some things if you use the Java web tool (if supports)

    LINK:
    http://cebu.mozcom.com/riker/iptraf/

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    I thought about putting another box in front of it... like you say. There are tons of tools I could use then... but I was hoping to get it all done with just what is there...

    I wish I had a pix though... maybe I can talk the GF into getting me one next year for my bday.

    I'll just have to talk it up big. She couldn't understand why I needed a 831 when I already had a 806... lol... women...

    I have it logging to a syslog server and I'm also using MRTG.
    That can graph traffic... that works pretty good.

    Might as well as just put it all on one box...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    I'm an assface and didn't properly read.

    I read you were using a PIX also.

    Sorry for my dumbness!!




  8. #8
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    No reason to be sorry. Thanks for your suggestion/input.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  9. #9
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    Originally posted here by phishphreek80
    No reason to be sorry. Thanks for your suggestion/input.
    My wife says I have ADD.

    Wait, what was I going to say..??

    Since you already use MRTG, you can do a combo...

    This link may be helpful..

    http://www.taedium.com/rrd-iptraf/

  10. #10
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Nice link. I'll look into it.

    Thanks!

    Since you're around... If you wouldn't mind... check out another thread I started just now dealing with SNMP and MRTG.

    http://www.antionline.com/showthread...172#post782172
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •