Monitoring Button on the ASDM Menu Bar
Selecting any of the following options in the Categories list provides a corresponding pane
of monitoring statistics for the Cisco Security Appliance:
■ ASDM Log—Displays the Syslog messages currently in the PDM Log buffer on the
Security Appliance. A snapshot of the ASDM Log buffer contents on the Security
Appliance can be displayed.
■ ASDM/HTTPS—Enables you to monitor connections made to the Security Appliance
using ASDM. A snapshot of the current ASDM user sessions to the Security Appliance
is displayed.
■ Telnet Sessions—Enables you to monitor connections made to the Security Appliance
using Telnet. A snapshot of current Telnet sessions to the Security Appliance is displayed.
■ Secure Shell Sessions—Enables you to monitor connections made to the Security
Appliance using Secure Shell (SSH). When the Secure Shell pane is displayed, a snapshot
of the current SSH sessions to the Security Appliance is available.
NOTE After specifying the information to be graphed, the graphical information is
displayed in a separate window (New Graph window) when you click the Show Graphs
button (see Figure 15-19). The graphical information displayed in the New Graph window
can be printed or bookmarked in your browser for later recall. The data may also be
exported for use by other applications.
■ User Licenses—Displays the number of current users, which is subtracted from the
maximum number of users for your Security Appliance licensing agreement.
■ DHCP Client—Displays DHCP-assigned interface parameters when DHCP addressing
is configured on the outside interface of the Security Appliance. A snapshot of the current
DHCP lease information is displayed.
■ VPN Statistics—Lets you graphically monitor the following functions:
— Number of active IPSec tunnels
— Detailed IPSec information (similar to the CLI command show ipsec sa
detail)
■ System Graphs—Enables you to build the New Graph window, which monitors the
Security Appliance’s system resources, including block utilization, CPU utilization,
failover statistics, and memory utilization.
■ Connection Graphs—Enables you to monitor a wide variety of performance statistics for
Security Appliance features, including statistics for xlates, connections, AAA, inspect,
URL filtering, and TCP intercept.
■ IPS (located under Miscellaneous Graphs)—Enables you to monitor intrusion detection
statistics, including packet counts for each IPS signature supported by the Security
Appliance.
■ Interface Graphs—Enables you to monitor per-interface statistics, such as packet counts
and bit rates, for each enabled interface on the Security Appliance.
Using ASDM for VPN Configuration
Chapter 13, “Virtual Private Networks,” explained how to configure VPN on the Cisco
Security Appliance via the CLI. One of the difficult configuration and troubleshooting issues
occurs with VPNs. Quite often, typos occur when you create a VPN configuration via the
CLI. For novice administrators of the Cisco Security Appliance, remembering the commands
and their sequence can sometimes be difficult. ASDM presents a user-friendly VPN Wizard
that creates both site-to-site and remote-access VPNs for the Cisco Security Appliance
(accessible via the Wizards menu on ASDM). Administrators are prompted for unique
parameters such as IP addresses, and they use drop-down menus to configure their VPN. The
following sections discuss the steps involved in creating a site-to-site VPN and a remoteaccess
VPN using the VPN Wizard on ASDM.
NOTE If an interface is not enabled using the Interfaces tab, no graphs are available for