This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--===============2144047657==
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C6CC4E.C3C76D60"

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C6CC4E.C3C76D60
Content-Type: text/plain;
charset="iso-8859-1"

MRTG should be able to handle the case you are talking about below.

It has several options for tracking an interface or connection.

When you run cfgmaker you can specify a ifref options which can
track by IP or interface name etc.

Here are the options that MRTG can track on. Hopefully one of these
will work for you.

Options:
--ifref=nr interface references by Interface Number (default)
--ifref=ip ... by Ip Address
--ifref=eth ... by Ethernet Number
--ifref=descr ... by Interface Description
--ifref=name ... by Interface Name
--ifref=type ... by Interface Type


Thanks!

-Dennis

-----Original Message-----
From: Paul Lundgren [mailtoaul.lundgren@gmail.com]
Sent: Tuesday, August 29, 2006 4:24 PM
To: vpn@lists.shmoo.com
Subject: [VPN] Cisco IPSec Tunnel Bandwidth Utilization


I have a Cisco ASA 5520 supporting multiple VPNs - both remote-access and
Lan-to-Lan. I would like to monitor the bandwidth utilization on a single
IPSec Lan-to-Lan tunnel. The particular tunnel I want to monitor is quite
unstable and each time the VPN goes down and re-establishes itself the
interface index changes thus changing the SNMP OID used to measure the tx
and rx bytes for that respective tunnel. Is anyone familiar with a network
management app that can handle this case and continue to monitor a tunnel
over the long-term? I'm currently using MRTG and can write a script to try
to accomplish this myself but I'd prefer a cleaner solution since my coding
skills lean towards the novice side.

Thanks,
-Paul



------_=_NextPart_001_01C6CC4E.C3C76D60
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable



charset=3Diso-8859-1">




class=3D561150416-30082006>MRTG=20
should be able to handle the case you are talking about=20
below.

class=3D561150416-30082006> 

class=3D561150416-30082006>It has=20
several options for tracking an interface or =
connection.

class=3D561150416-30082006> 

class=3D561150416-30082006>When=20
you run cfgmaker you can specify a ifref options which =
can

class=3D561150416-30082006>track=20
by IP or interface name etc.

class=3D561150416-30082006> 

class=3D561150416-30082006>Here=20
are the options that MRTG can track on.  Hopefully one of=20
these

class=3D561150416-30082006>will=20
work for you.

class=3D561150416-30082006> 

class=3D561150416-30082006>Options:
    =20
--ifref=3Dnr        interface =
references by=20
Interface Number (default)
    =20
--ifref=3Dip          =
            =
  =20
.... by Ip Address
    =20
--ifref=3Deth         &nbsp=
;           &nbsp=
; =20
.... by Ethernet Number
    =20
--ifref=3Ddescr         &nb=
sp;           =20
.... by Interface Description
    =20
--ifref=3Dname         &nbs=
p;           &nbs=
p;=20
.... by Interface Name
    =20
--ifref=3Dtype         &nbs=
p;           &nbs=
p;=20
.... by Interface Type

class=3D561150416-30082006> 

class=3D561150416-30082006> 

class=3D561150416-30082006>Thanks!

class=3D561150416-30082006> 

class=3D561150416-30082006>-Dennis

style=3D"PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px =
solid">
face=3DTahoma=20
size=3D2>-----Original Message-----
From: Paul Lundgren=20
[mailtoaul.lundgren@gmail.com]
Sent: Tuesday, August 29, =
2006 4:24=20
PM
To: vpn@lists.shmoo.com
Subject: [VPN] Cisco =
IPSec=20
Tunnel Bandwidth Utilization

I have a Cisco ASA =
5520=20
supporting multiple VPNs - both remote-access and Lan-to-Lan.  I =
would=20
like to monitor the bandwidth utilization on a single IPSec =
Lan-to-Lan=20
tunnel.  The particular tunnel I want to monitor is quite =
unstable and=20
each time the VPN goes down and re-establishes itself the interface =
index=20
changes thus changing the SNMP OID used to measure the tx and rx =
bytes for=20
that respective tunnel.  Is anyone familiar with a network =
management app=20
that can handle this case and continue to monitor a tunnel over the=20
long-term?  I'm currently using MRTG and can write a script to =
try to=20
accomplish this myself but I'd prefer a cleaner solution since my =
coding=20
skills lean towards the novice side.=20


Thanks,
-Paul