{"id":706,"date":"2010-10-01T23:36:08","date_gmt":"2010-10-01T21:36:08","guid":{"rendered":"http:\/\/www.netexpertise.eu\/en\/?p=706"},"modified":"2021-08-27T07:50:11","modified_gmt":"2021-08-27T05:50:11","slug":"troubleshoot-and-monitor-traffic-on-pixasa","status":"publish","type":"post","link":"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html","title":{"rendered":"Troubleshoot and Monitor Traffic on Cisco PIX\/ASA"},"content":{"rendered":"\n

You are experiencing extremely slow response times, bandwidth is flat-lining or unusually high, or download speeds are close to 0? Here you will find how to troubleshoot and monitor traffic going through a Cisco<\/a> ASA or PIX firewall with the command line.
\u00a0<\/p>\n\n\n\n

Access Lists Statistics<\/h3>\n\n\n\n

You’ve most likely configured some access lists to filter the traffic going through the device. This is what firewalls do. You can get a quick overview of what kind of traffic is coming through your firewall with ACL statistics.
You can add more rules to narrow down where the traffic is going.<\/p>\n\n\n\n

cisco_pix# show access-list acl_in\naccess-list acl_in; 17 elements\naccess-list acl_in line 1 permit tcp any any eq domain (hitcnt=7)\naccess-list acl_in line 2 permit udp any any eq domain (hitcnt=40379)\naccess-list acl_in line 3 permit tcp any any eq www (hitcnt=157103)\naccess-list acl_in line 4 permit tcp any any eq 8080 (hitcnt=466)\naccess-list acl_in line 5 permit tcp any any eq https (hitcnt=1910)\naccess-list acl_in line 6 permit tcp any any eq ftp (hitcnt=2)\naccess-list acl_in line 7 permit tcp any any eq smtp (hitcnt=550)\naccess-list acl_in line 8 permit tcp any any eq pop3 (hitcnt=14660)<\/code><\/pre>\n\n\n\n
 
Reset hit counters in configuration mode to get the latest statistics:<\/p>\n\n\n\n
cisco_pix# configure terminal\ncisco_pix(config)# clear access-list acl_in counters<\/code><\/pre>\n\n\n\n

Traffic Statistics<\/h3>\n\n\n\n
You can also display each PIX interface global traffic. You’re better off resetting data to get accurate results.<\/p>\n\n\n\n
cisco_pix# clear traffic<\/code><\/pre>\n\n\n\n
 
Give it a few minutes to collect the data and display the overall traffic.<\/p>\n\n\n\n
cisco_pix# show traffic\noutside:\n        received (in 9.570 secs):\n                133 packets     19918 bytes\n                13 pkts\/sec     2081 bytes\/sec\n        transmitted (in 9.570 secs):\n                199 packets     22997 bytes\n                20 pkts\/sec     2403 bytes\/sec\ninside:\n        received (in 9.570 secs):\n                158 packets     14392 bytes\n                16 pkts\/sec     1503 bytes\/sec\n        transmitted (in 9.570 secs):\n                102 packets     14264 bytes\n                10 pkts\/sec     1490 bytes\/sec<\/code><\/pre>\n\n\n\n

Monitor the Type of Traffic<\/h3>\n\n\n\n
You can also display the number of connections per second for each type of traffic, from transport to application layers.<\/p>\n\n\n\n
cisco_pix# show perfmon\n\nPERFMON STATS:    Current      Average\nXlates               0\/s          0\/s\nConnections          0\/s          0\/s\nTCP Conns            0\/s          0\/s\nUDP Conns            0\/s          0\/s\nURL Access           0\/s          0\/s\nURL Server Req       0\/s          0\/s\nTCP Fixup           27\/s          1\/s\nTCPIntercept         0\/s          0\/s\nHTTP Fixup           5\/s          2\/s\nFTP Fixup            0\/s          0\/s\nAAA Authen           0\/s          0\/s\nAAA Author           0\/s          0\/s\nAAA Account          0\/s          0\/s\n<\/code><\/pre>\n\n\n\n

Sessions Details<\/h3>\n\n\n\n
Display the current and maximum number of connections:<\/p>\n\n\n\n
cisco_pix# show connections count\n35 in use, 195 most used<\/code><\/pre>\n\n\n\n
 
Or going deeper into details with each established connection:<\/p>\n\n\n\n
cisco_pix# show connections\n33 in use, 195 most used\nTCP out 172.18.0.1:23 in 192.168.9.101:1155 idle 0:00:32 Bytes 19354 flags UIO\nTCP out 172.18.0.1:23 in 192.168.9.107:1151 idle 0:03:49 Bytes 156840 flags UIO\n...<\/code><\/pre>\n\n\n\n
 
Useful since it shows the amount of tranfered bytes for each connection.
 <\/p>\n\n\n\n
Memory and Processor<\/h3>\n\n\n\n
Pay attention to your memory and CPU resources indeed. Entry level Cisco firewalls aren’t equipped with a lot of memory. <\/p>\n\n\n\n
cisco_pix# show cpu usage\nCPU utilization for 5 seconds = 2%; 1 minute: 2%; 5 minutes: 6%\n\ncisco_pix$ show memory\nFree memory:         5069344 bytes\nUsed memory:        11707872 bytes\n-------------     ----------------\nTotal memory:       16777216 bytes<\/code><\/pre>\n\n\n\n

Ongoing Traffic Monitoring<\/h3>\n\n\n\n
Many tools are available out there to monitor traffic on Cisco ASA \/ PIX. You can detect something is wrong only if you can compare with previous data. Graphs are the best way to achieve this.
Among the most popular tools, I’ve retained Cacti, MRTG as well as Smokeping. Smokeping<\/a> lets you graph and check links latency.<\/p>\n\n\n\n
You can get more information on this online on Cisco documentation<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
You are experiencing extremely slow response times, bandwidth is flat-lining or unusually high, or download speeds are close to 0? Here you will find how to troubleshoot and monitor traffic going through a Cisco ASA or PIX firewall with the command line. \u00a0 Access Lists Statistics You’ve most likely configured some access lists to filter […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[21],"tags":[309,388,212,217],"yoast_head":"\nNetexpertise - Troubleshoot and Monitor Traffic on Cisco PIX\/ASA<\/title>\n<meta name=\"description\" content=\"Troubleshoot and monitor traffic with the command line on a Cisco ASA when response times are slow and bandwidth is flatlining\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Netexpertise - Troubleshoot and Monitor Traffic on Cisco PIX\/ASA\" \/>\n<meta property=\"og:description\" content=\"Troubleshoot and monitor traffic with the command line on a Cisco ASA when response times are slow and bandwidth is flatlining\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html\" \/>\n<meta property=\"og:site_name\" content=\"Netexpertise\" \/>\n<meta property=\"article:published_time\" content=\"2010-10-01T21:36:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-27T05:50:11+00:00\" \/>\n<meta name=\"author\" content=\"dave\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@netexpertise\" \/>\n<meta name=\"twitter:site\" content=\"@netexpertise\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html\",\"url\":\"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html\",\"name\":\"Netexpertise - Troubleshoot and Monitor Traffic on Cisco PIX\/ASA\",\"isPartOf\":{\"@id\":\"http:\/\/www.netexpertise.eu\/en\/#website\"},\"datePublished\":\"2010-10-01T21:36:08+00:00\",\"dateModified\":\"2021-08-27T05:50:11+00:00\",\"author\":{\"@id\":\"http:\/\/www.netexpertise.eu\/en\/#\/schema\/person\/cb4cd666549d22e9070ec1cfc1a496fa\"},\"description\":\"Troubleshoot and monitor traffic with the command line on a Cisco ASA when response times are slow and bandwidth is flatlining\",\"breadcrumb\":{\"@id\":\"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/www.netexpertise.eu\/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Troubleshoot and Monitor Traffic on Cisco PIX\/ASA\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.netexpertise.eu\/en\/#website\",\"url\":\"http:\/\/www.netexpertise.eu\/en\/\",\"name\":\"Netexpertise\",\"description\":\"Systems \/ Networks \/ DevOps\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.netexpertise.eu\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.netexpertise.eu\/en\/#\/schema\/person\/cb4cd666549d22e9070ec1cfc1a496fa\",\"name\":\"dave\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/www.netexpertise.eu\/en\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g\",\"contentUrl\":\"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g\",\"caption\":\"dave\"},\"sameAs\":[\"http:\/\/www.netexpertise.eu\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Netexpertise - Troubleshoot and Monitor Traffic on Cisco PIX\/ASA","description":"Troubleshoot and monitor traffic with the command line on a Cisco ASA when response times are slow and bandwidth is flatlining","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html","og_locale":"en_US","og_type":"article","og_title":"Netexpertise - Troubleshoot and Monitor Traffic on Cisco PIX\/ASA","og_description":"Troubleshoot and monitor traffic with the command line on a Cisco ASA when response times are slow and bandwidth is flatlining","og_url":"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html","og_site_name":"Netexpertise","article_published_time":"2010-10-01T21:36:08+00:00","article_modified_time":"2021-08-27T05:50:11+00:00","author":"dave","twitter_card":"summary_large_image","twitter_creator":"@netexpertise","twitter_site":"@netexpertise","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html","url":"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html","name":"Netexpertise - Troubleshoot and Monitor Traffic on Cisco PIX\/ASA","isPartOf":{"@id":"http:\/\/www.netexpertise.eu\/en\/#website"},"datePublished":"2010-10-01T21:36:08+00:00","dateModified":"2021-08-27T05:50:11+00:00","author":{"@id":"http:\/\/www.netexpertise.eu\/en\/#\/schema\/person\/cb4cd666549d22e9070ec1cfc1a496fa"},"description":"Troubleshoot and monitor traffic with the command line on a Cisco ASA when response times are slow and bandwidth is flatlining","breadcrumb":{"@id":"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.netexpertise.eu\/en\/networking\/cisco\/troubleshoot-and-monitor-traffic-on-pixasa.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/www.netexpertise.eu\/en"},{"@type":"ListItem","position":2,"name":"Troubleshoot and Monitor Traffic on Cisco PIX\/ASA"}]},{"@type":"WebSite","@id":"http:\/\/www.netexpertise.eu\/en\/#website","url":"http:\/\/www.netexpertise.eu\/en\/","name":"Netexpertise","description":"Systems \/ Networks \/ DevOps","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.netexpertise.eu\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"http:\/\/www.netexpertise.eu\/en\/#\/schema\/person\/cb4cd666549d22e9070ec1cfc1a496fa","name":"dave","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/www.netexpertise.eu\/en\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g","caption":"dave"},"sameAs":["http:\/\/www.netexpertise.eu"]}]}},"_links":{"self":[{"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/posts\/706"}],"collection":[{"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/comments?post=706"}],"version-history":[{"count":0,"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/posts\/706\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/media?parent=706"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/categories?post=706"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.netexpertise.eu\/en\/wp-json\/wp\/v2\/tags?post=706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}