Wireshark-users: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
From: Giles Coochey <giles@xxxxxxxxxxx>
Date: Fri, 09 Aug 2013 10:02:04 +0100
On 08/08/2013 19:49, Gary Drost wrote:
I have a site with two branch offices.  The branch offices communicate back to the main office through Branch Office VPN tunnels over the Internet.
 
If the office IP structure is:
 
  Main - 192.168.1.x
  Br1 - 192.168.2.x
  Br2 - 192.168.3.x
 
Can I use Wireshark at the main site to record the traffic coming to the main site from the remote sites over those VPN tunnels in order to determine the current bandwidth used by that traffic?
 
Can I do it without having to capture all the traffic (i.e. can I report on the bandwidth the traffic is using without having to capture that traffic)?
 
I would expect that I will need to capture stats for about a week and don't want to have to save GB worth of wireshark data, unless I have to, in order to accomplish this.
 
Thanks,
 
Gary
 
 
Gary,

Wireshark isn't the best tool for this kind of thing. See if your routers support Netflow - there are both commercial and open source products that can interpret Netflow records and provide you with good accounting of your traffic usage.

If you need help with this then contact me off list for a quote to get this set up using open source tools, or you could try rolling your own.
-- 
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles@xxxxxxxxxxx

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature