dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
26

Paulg
Displaced Yooper
Premium Member
join:2004-03-15
Neenah, WI

Paulg to beachintech

Premium Member

to beachintech

Re: Monitoring Bandwidth/Traffic Inline in K12 setting

Unfortunately, those Cisco models don't support net flow. What is providing firewall services?

beachintech
There's sand in my tool bag
Premium Member
join:2008-01-06

beachintech

Premium Member

We are part of a state wide network, so we don't have anything providing firewall services at each location, it's provided farther upstream out of my scope.

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

You could setup Untangle firewall in transparent bridge mode and monitor bandwidth and a host of other items such as content, etc. It is free and you only need a small box and two NICs.

For testing purposes any box would probably suit your needs. If you want to keep it permanent you probably should look into server system hardware.
tomdlgns
Premium Member
join:2003-03-21

tomdlgns

Premium Member

said by exocet_cm:

You could setup Untangle firewall in transparent bridge mode and monitor bandwidth and a host of other items such as content, etc. It is free and you only need a small box and two NICs.

For testing purposes any box would probably suit your needs. If you want to keep it permanent you probably should look into server system hardware.

i am not trying to thread jack, but i am looking to do the same thing. i want to monitor bandwidth by ip/device on my network.

i currently use pfsense as the main router and i can see the WAN usage, but not sure if i can monitor by ip/device with pfsense.

are you saying i could setup untangle between pfsense (or any router/gateway) and my switch and see more granular bandwidth info?

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

Click for full size
Live traffic view
Click for full size
Live session view
Click for full size
Reports
Click for full size
Reports
Click for full size
»wiki.untangle.com/index. ··· dge_Mode

This is one of my Untangle boxes in router mode (don't have any in bridge mode at the moment). You can view live traffic by adding a rule to the firewall module and monitoring a specific port by enabling "logging", there is a session mode to view current sessions, and you can look at archived reports or generate reports on the fly to view data.

You also have the option to export to excel .csv if you want to create a custom pivot table to dig through data (if you need control at that granular level).

It might be what you are looking for. Best part is that it is free.
tomdlgns
Premium Member
join:2003-03-21

tomdlgns

Premium Member

looks good. i might look into this.

can you confirm that i can set this in between my pfsense box and network switch?

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

said by tomdlgns:

looks good. i might look into this.

can you confirm that i can set this in between my pfsense box and network switch?

I can't confirm but I don't see why not.
tomdlgns
Premium Member
join:2003-03-21

tomdlgns

Premium Member

when you set untangle to bridge mode, do you have to do any other configuration or is one nic in and the other nic out?

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

said by tomdlgns:

when you set untangle to bridge mode, do you have to do any other configuration or is one nic in and the other nic out?

That is pretty much the gist. Check out these resources:
Download: »www.untangle.com/store/g ··· untangle
Bridge mode FAQ: »wiki.untangle.com/index. ··· dge_Mode
Installation forum: »forums.untangle.com/inst ··· llation/
tomdlgns
Premium Member
join:2003-03-21

tomdlgns

Premium Member

ok, i will check that out, thanks.

i installed untagle a few years ago so i am a little familiar with the setup, but never stuck with it or looked at the bridge mode option.

beachintech
There's sand in my tool bag
Premium Member
join:2008-01-06

beachintech to exocet_cm

Premium Member

to exocet_cm
Thank you for that, I actually had that same solution in my list and glad to see someone else bring it up.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to Paulg

MVM

to Paulg
Was going to ask "are you sure about that," but then I dug up a few articles indicating the 3750s only track the 1st packet of the flow,
and the 29xx series switches will only do SNMP load-based polling.

@beachintech
Really dumb question, are they 3750s, 3750Gs, or the newer 3750Xs?

Do you have access to any other layer3 device within the network _IF_ Netflow or similar was needed?

Tell me I'm not crazy when I read this article that the 3750X has an addin module that does NetFlow -- »www.plixer.com/blog/netf ··· support/

Regards

Paulg
Displaced Yooper
Premium Member
join:2004-03-15
Neenah, WI

Paulg

Premium Member

Yes, the 3750X has an uplink module (PN: C3KX-SM-10G) that provides netflow, but only on the two uplink ports.