All Cisco-Network Study Notes: Sessions and Statistics cisco systems

Sessions and Statistics

The abutting several categories beneath the PDM Log class appearance affair and statistical

information accompanying to access and functionality on the PIX firewall.

These categories accommodate the following:

Secure Shell Sessions

Telnet Animate Sessions

User Licenses

PDM Users

DHCP Client

PPPoE Client

VPN Statistics

These categories are hardly altered from those discussed after in this section,

because they do not automatically amend and they artlessly appearance numeric

data rather than graphical output.

From the Monitoring tab, you can see advice apropos the current

administrative connectivity to the PIX. Furthermore, you can actively disconnect

administrative users application PDM. For instance, the categories Secure Shell Sessions,

Telnet Animate Sessions, and PDM Users all affectation authoritative connection

information.The screens accessible for anniversary of these categories are absolutely similar. Let’s

look at the Telnet Animate Sessions and PDM Users categories as an example.

Click the Telnet Animate Sessions class to appearance the Telnet Console

Sessions screen. An archetype is apparent in Figure 9.78.

In this example, one Telnet affair is currently affiliated to the PIX firewall.

The applicant name is SecureCorp-CSPM and the allocated basic animate is 0.The

server name appears as a name rather than an IP abode in this instance because

the host SecureCorp-CSPM has been configured via the Hosts/Networks tab.To

search for specific IP addresses affiliated to the PIX firewall via Telnet, blazon the

IP abode in the Appearance sessions for this IP Abode field, and bang the

Refresh button.The Secure Shell Sessions awning is absolutely agnate in attributes to the

Telnet Animate Sessions screen.

The PDM Users class displays the currently affiliated PDM sessions.

Click the PDM Users class to acknowledge the PDM Users awning apparent in

Figure 9.79.

www.syngress.com

PIX Device Manager • Chapter 9 535

www.syngress.com

Figure 9.78 The Telnet Animate Sessions Screen

Figure 9.79 The PDM Users Screen

536 Chapter 9 • PIX Device Manager

In this example, one PDM affair is currently enabled from arrangement host

172.20.100.1.

Sessions can additionally be broken in absolute time. For instance, if you doubtable the

PDM affair apparent is unauthorized, highlight the affair and bang the

Disconnect button. Similarly, abstract functionality is accessible from the

Secure Shell Sessions class as well.

PDM provides the adeptness to appearance the accepted user authorization calculation on the firewall.

This functionality is abnormally important for baby organizations and SOHO

environments that accept bound authorization PIX firewalls. Bang the User Licenses

category to appearance the currently acclimated licenses.The awning displays two values:

Number of Licenses in Use and Number of Licenses Available. Bang the

Refresh button to alter the awning with the best accepted user authorization statistics.

The categories DHCP Applicant and PPPoE Applicant both appearance statistical information

regarding the PIX firewall’s applicant DHCP and PPPoE services.These two

categories alone accept accordant advice if the alien interface of the PIX

firewall is configured with either DHCP or PPPoE applicant services.

If so, the assigned IP address, subnet mask, server IP address, charter time information,

default aperture IP address, and added accompanying advice can be found

by beat these categories.These categories are abnormally accessible for baby organizations

and SOHO environments whose firewalls accept activating settings.

From the VPN Statistics category, administrators can accretion admired information

regarding alive IKE aegis associations (SAs) and the assorted VPN protocols

available on the PIX firewall. Four specific subcategories abide beneath the

VPN Statistics category:

IKE SAs

IPSec VPNs

PPTP

L2TP

Information for anniversary of these subcategories is alone accessible if alive VPN sessions

exist on the firewall. Anniversary of the VPN Statistics subcategories includes the

ability to manually brace the awning appearance for adapted VPN-related statistics.

Furthermore, anniversary subcategory except IKE SAs facilitates abundant information

via the Appearance Details button.

For example, the IPSec VPNs awning provides the adeptness to appearance VPN source

and destination IP information, including packet encapsulation, decapsulation, and

error counts.The IPSec VPNs awning is apparent in Figure 9.80.

www.syngress.com

PIX Device Manager • Chapter 9 537

The IPSec VPNs, L2TP, and PPTP subcategory screens acquiesce you to monitor

various metrics apropos alive VPN access and brace the statistics data

manual back required.You can additionally displace the metric counts by beat the Clear

All Counters button. Highlight a affiliation and bang the Appearance Details

button to appearance detail apropos a specific VPN.