On 8 aug 2013, at 20:49, Gary Drost wrote:
> Can I use Wireshark at the main site to record the traffic coming to the main site from the remote sites over those VPN tunnels in order to determine the current bandwidth used by that traffic?
Well, in theory you can, but it would not be practical to capture every packet, only to calculate bandwidth usage.
> Can I do it without having to capture all the traffic (i.e. can I report on the bandwidth the traffic is using without having to capture that traffic)?
Not with wireshark.
> I would expect that I will need to capture stats for about a week and don't want to have to save GB worth of wireshark data, unless I have to, in order to accomplish this.
What kind of device terminates the VPN tunnels? Can you use SNMP on that device to monitor interface statistics on the individual VPN tunnels?
If you can't get the info other than capturing the traffic, then have a look at "ntop" [1], it can give nice graphs of traffic and you can zoom into the specifics of the traffic.
Cheers,
Sake
[1] http://www.ntop.org
