IPSec VPN Tunnel Throughput Monitoring

Reply
L1 Bithead

IPSec VPN Tunnel Throughput Monitoring

Is there a way within the palo alto firewalls to look at the active IPSec VPN tunnel throughput? I have a 3050 firewall with a handful of IPSec tunnels configured (individual and LSPVN tunnels) and I'm wondering how you would know if you were coming close to the throughput limit on IPSec traffic for the model of firewall you have.

L7 Applicator

Re: IPSec VPN Tunnel Throughput Monitoring

Hello,

We send the netflow info to a 3rd party product that tells us what is going on via the different connections. I think this is the best way since the PAN doesnt really show this historical data but can send netflow to something that does.

 

Regards,

L4 Transporter

Re: IPSec VPN Tunnel Throughput Monitoring

We have solar winds can i see the throughput there for all the ipsec tunnels?

L7 Applicator

Re: IPSec VPN Tunnel Throughput Monitoring


@MP18 wrote:

We have solar winds can i see the throughput there for all the ipsec tunnels?


Hello,

Yes if you have the NTA module and are sending netflow from your tunnel interfaces to the SW collector.

 

Regards,

L4 Transporter

Re: IPSec VPN Tunnel Throughput Monitoring

Hi,

 

How can i check I have NTA module?

Right now i am not sending netflow from tunnel interfaces to Solar.

 

Regards

Mike

L7 Applicator

Re: IPSec VPN Tunnel Throughput Monitoring

Hello,

Browse to the Solarwinds default web page in your environment. Scroll all the way to the bottom and it will list every module you have installed. NPM is the base install that is required. if you have NTA it will also be listed.

 

Regards,

L4 Transporter

Re: IPSec VPN Tunnel Throughput Monitoring

i have configured the tunnel interface with netflow profile.

my service route for netflow is management - default is this ok?

L7 Applicator

Re: IPSec VPN Tunnel Throughput Monitoring

Hello,

That is fine as long as it is allowed from the MGMT interface to the SolarWInds collector.

 

Regards,

L4 Transporter

Re: IPSec VPN Tunnel Throughput Monitoring

just curious how the management interface send data of the tunnel interface?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!