Monitore IPSec VPN bandwidth usage (inbound/outbound) using the Fortigate CLI

Author
whyouwannaknow
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/10/02 01:10:52
  • Status: offline
2019/10/02 01:19:48 (permalink)
0

Monitore IPSec VPN bandwidth usage (inbound/outbound) using the Fortigate CLI

Hello,
 
I have a Fortigate firewall (for security purposes, I won't tell the model and firmware version, but be sure that it's a recent one with latest version installed) and I would like to monitore the bandwidth usage of my IPSec VPN (inbound/outbound traffic).
 
What is the command that will give me that output (I don't want the bandwidth usage of a physical port like port1 or wan2), I need to check the bandwidth usage on a specific IPSec VPN. And also, is it possible to get that output in MB?
 
Thank you in advance.
 
PS: I need to have that output using CLI only not GUI.
#1

2 Replies Related Threads

    whyouwannaknow
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/10/02 01:10:52
    • Status: offline
    Re: Monitore IPSec VPN bandwidth usage (inbound/outbound) using the Fortigate CLI 2019/10/02 02:07:03 (permalink)
    0
    I found the command "diagnose netlink interface list XXX" (where XXX is the name of my IPSec VPN) but the output seems to be the overall amount of traffic that passed through the tunnel.
    I would like this type of output, but having the actual usage of the traffic that goes through the tunnel when I send the command (real time).
     
    Thanks.
    #2
    emnoc
    Expert Member
    • Total Posts : 5301
    • Scores: 347
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: online
    Re: Monitore IPSec VPN bandwidth usage (inbound/outbound) using the Fortigate CLI 2019/10/02 04:07:13 (permalink)
    0
    Is it's a route-base just run any std mibs to collect in/out packets by bytes for that ifIndex.#  If you have a single policy for src/dst-subnet for example, you could also do  the following
     
    http://socpuppet.blogspot.com/2014/09/howto-find-out-how-many-bps-policy-is.html
     
    YMMV, you have to be creative.
     
    Ken Felix
     

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #3
    Jump to:
    © 2019 APG vNext Commercial Version 5.5