Blog :: Network Operations

VPN Traffic Monitoring

In a previous article, we explained to you briefly what a VPN is, and how we used our network traffic monitor for Cisco ASA VPN reporting. In this post, I’ll explain how you can get VPN Traffic Monitoring for your individual users on your VPN Network.

If you have remote users, you most likely have those users connect to your network through a Virtual Private Network (VPN). A VPN is an extension of a private network that uses different types of encryption so remote users can log into a private network safely and securely over the internet and still have access to all of the resources that they would have if they were connected locally. How, though, do you know what your users are doing once they are connected? Are they using too much bandwidth? Are they connecting to non-work related sites?

In order to show you how you can get these details, I have set up a lab environment where users connect to a Cisco ASA for the VPN and all network traffic on the network goes through the SonicWALL firewall. If I look at the Cisco ASA reports in our monitoring solution, I can see that there is a Cisco ASA Users report. Now I can see the VPN users connected through the VPN, bselecting this report.


When selecting a user, select the Cisco ASA report “NAT >> Destination Details. Doing so will let us see what internal address the user received when they connected to the VPN. In the case of justinj (that’s me), the internal IP is


Now if we go to the SonicWALL firewall, we can search for the traffic coming from this IP address and see the external (Internet) traffic that the individual user had.


In the above image, I selected just the SonicWALL WAN Interface (so I am purposefully excluding the LAN traffic). I then specified the IP address that we identified as justinj‘s IP. Having done this, I can now see the traffic that justinj is generating. Additionally, since I know the IP address of the VPN user, I can now run additional reports to discover more details. For example, the SonicWALL can provide URL details, which will let me see the specific web addresses the user went to.

By being able to see the traffic of your remote users, you have better visibility concerning whether they’re doing work related activity while connected to the VPN. In turn, this helps you reduce bandwidth on your network, which will also prevent unnecessary traffic.

Now, since all networks are different, if you need any help getting these details on your network, call our tech support team and they will help you get the visibility you want with VPN traffic monitoring.