328 Chapter 7: Monitoring and Administering the VPN 3000 Series Concentrator
Figure 7-26 Monitoring | System Status
Sessions
The Monitoring | Sessions screen, as seen in Figure 7-27, shows the statistics for the currently connected sessions. On this screen, you are able to limit the connections seen by group.
Figure 7-27 Monitoring | Sessions
Monitoring the Cisco VPN 3000 Series Concentrator 329
The screen is divided into the following four sections, each of which is described in greater detail below:
•Session Summary
•LAN-to-LAN Sessions
•Remote Access Sessions
•Management Sessions
This screen also provides you with a link to the top ten lists.
Session Summary
The Session Summary section displays a summary of all the active sessions and the peak concurrent sessions. The sessions limit and cumulative sessions are also displayed. This information is useful when determining how heavily you are utilizing the concentrator.
LAN-to-LAN Sessions
The LAN-to-LAN section allows you to see all the current LAN-to-LAN sessions. Noted in this section are the IP address and protocol used for connecting to the remote LAN as well as the encryption used. The time the tunnel was initiated and the duration the tunnel has been active are displayed next, followed by the bytes transmitted (Bytes Tx) and the bytes received (Bytes Rx). The Bytes Tx and Bytes Rx are useful when debugging a LAN-to-LAN connection. See Chapter 10, “Cisco VPN 3000 LAN-to-LAN with Preshared Keys,” for more information.
Remote Access Sessions
The Remote Access Sessions section shows the username, assigned IP address, and the public IP address for each of the connected remote access sessions.
The group to which this user belongs and the protocol encryption type are seen next. The duration of the connection, the client version, client type, and the Bytes Tx and Bytes Rx over the connection are shown.
Management Sessions
The Management Sessions section shows those users connected to the concentrator for management purposes. The IP address, protocol used, and encryption type are shown, as well as the login time and the duration of the connection.
Top Ten Lists
The Top Ten Lists screen is shown in Figure 7-28. This screen leads to the submenus that show statistics for the top ten sessions. Sessions are chosen for these lists based on data (the total amount of data sent and received), duration (the total time the session has been established), or throughput (the average amount of data throughput in bytes per second).
Figure 7-28 Monitoring | Sessions | Top Ten Lists
Choosing any of the three options brings you to the respective screen. All of these screens look virtually identical; they differ only in the criterion used to select sessions for the list. As shown in Figure 7-29, the data may be further filtered by group. Choosing a group through the pulldown menu shows the top ten users for that individual group.
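The three ranking criteria and the group filter described above, worked through as an added example (not code from the book or from the concentrator). The Session record, its field names, and the sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Session:
    username: str
    group: str
    duration_s: int   # seconds the session has been established
    bytes_tx: int
    bytes_rx: int

    @property
    def data(self) -> int:
        # "Data" criterion: total bytes sent plus received.
        return self.bytes_tx + self.bytes_rx

    @property
    def throughput(self) -> float:
        # "Throughput" criterion: average bytes per second over the session.
        # A session that has only just connected (0 s) scores 0 instead of
        # raising a division-by-zero error.
        return self.data / self.duration_s if self.duration_s > 0 else 0.0

CRITERIA = {
    "data": lambda s: s.data,
    "duration": lambda s: s.duration_s,
    "throughput": lambda s: s.throughput,
}

def top_ten(sessions, criterion, group=None, limit=10):
    """Rank sessions by one criterion, optionally restricted to one group."""
    if criterion not in CRITERIA:
        raise ValueError(f"unknown criterion: {criterion!r}")
    pool = [s for s in sessions if group is None or s.group == group]
    # Username breaks ties so the ordering is deterministic.
    ranked = sorted(pool, key=lambda s: (-CRITERIA[criterion](s), s.username))
    return ranked[:limit]

# Constructed sample sessions (not taken from a real concentrator).
SAMPLE = [
    Session("alice", "Engineering", 7200, 40_000_000, 320_000_000),
    Session("bob", "Engineering", 86_400, 5_000_000, 15_000_000),
    Session("carol", "Sales", 600, 30_000_000, 90_000_000),
    Session("dave", "Sales", 0, 1_500, 2_000),
    Session("erin", "Sales", 3600, 2_000_000, 10_000_000),
]

if __name__ == "__main__":
    for crit in CRITERIA:
        print(crit, [s.username for s in top_ten(SAMPLE, crit)])
    print("Sales/data", [s.username for s in top_ten(SAMPLE, "data", group="Sales")])
```

The same session can rank very differently across the three lists: a short, heavy transfer leads on throughput while a long-lived idle tunnel leads on duration.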
Statistics
Shown in Figure 7-30, the Monitoring | Statistics screen is used to move further down the menu structure to an individual statistic.
Figure 7-29 Monitoring | Sessions | Top Ten List | Data
Figure 7-30 Monitoring | Statistics
Following is a list of the Monitoring | Statistics submenu options:
•Accounting
•Address Pools
•Administrative AAA
•Authentication
•Bandwidth Management
•Compression
•DHCP
•DNS
•Events
•Filtering
•HTTP
•IPSec
•L2TP
•Load Balancing
•NAT
•PPTP
•SSH
•SSL
•Telnet
•VRRP
When you wish to view statistics based on any of the items shown in the preceding list, you merely need to click the appropriate link. For example, if you wish to see the address pools data, click the Address Pools link. You will be shown a screen similar to the one shown in Figure 7-31.
Figure 7-31 Monitoring | Statistics | Address Pools
Events
If you want to see what events have occurred since the last reboot, you would click the Events link. This causes the screen shown in Figure 7-32 to be displayed. This screen lists all of the events.
Figure 7-32 Monitoring | Statistics | Events Screen
IPSec
One of the most important screens for statistics is the Monitoring | Statistics | IPSec screen. As seen in Figure 7-33, this screen gives you a wealth of information regarding the IPSec protocol. This screen is split into two areas: IKE (Phase 1) Statistics and IPSec (Phase 2) Statistics.
The IPSec screen may be the most useful of all the statistics screens because of how heavily the IPSec protocol is relied on to form connections to your concentrator. Notice that not only are the successful connections shown, but also items such as Failed Initiated Tunnels and Failed Inbound Authentications. Because this information is shown on this screen, you are able to quickly troubleshoot connection failures. For example, should you have a problem connecting from a remote device, watching how the counters on this screen change as connections are attempted will reveal to you the cause of the failure.
Figure 7-33 Monitoring | Statistics | IPSec
MIB-II Statistics
The Monitoring | Statistics | MIB-II screen, as seen in Figure 7-34, is used to move further down the menu structure to an individual MIB statistics screen.
Figure 7-34 Monitoring | Statistics | MIB-II
The MIB-II Statistics submenu system is shown in the following list so that you can familiarize yourself with the options available:
•Interfaces
•TCP/UDP
•IP
•RIP
•OSPF
•ICMP
•ARP Table
•Ethernet
•SNMP
Notice that the available options here refer to more fundamental aspects of the concentrator than those available within the Monitoring | Statistics screen. This is important for you to remember for both the exam and for your daily work. If, for example, you want to see the statistics on an interface port, you will look in the MIB-II section. However, if you want statistics regarding load balancing, you will look in the Statistics section. Basically, if you think in terms of the ISO layers, you will see all the Layer 1, Layer 2, Layer 3, and Layer 4 statistics here. You will also see your routing protocols and TCP/UDP and SNMP packets here. Virtually everything else is seen in the Statistics screen.
Interfaces
A common task is to determine whether your interfaces are up. The Interfaces link allows you to see the state of your interfaces. As shown in Figure 7-35, this screen shows the state of your interface and the number of packets traversing the interface broken down by unicast, multicast, and broadcast types.
IP
The IP screen is another critical screen on this submenu (see Figure 7-36). This screen shows IP packets sent, received, and discarded. You also see items such as fragmentation successes and failures.
Figure 7-35 Monitoring | Statistics | MIB-II | Interfaces
Figure 7-36 Monitoring | Statistics | MIB-II | IP
RIP
Figure 7-37 shows the RIP screen. This screen shows you any errors regarding the RIP protocol. Should you experience issues regarding routes that should be known through RIP, refer to this screen when troubleshooting.
Figure 7-37 Monitoring | Statistics | MIB-II | RIP
The whole of the Monitoring submenu system is used to find where issues in connectivity and performance lie. It is important for you to know where you can look to find that information. Take a few minutes and review Table 7-3 and the submenu lists for statistics and MIB-II.
Memorizing the contents of these tables will serve you well in quickly and efficiently troubleshooting connectivity.