cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
12768
Views
10
Helpful
6
Replies

Site to Site VPN Status in FirePower Management Center

hunteryoung
Level 1
Level 1

We have began implementing site to site VPNs using our FirePower Management center. I'm wanting to find a way to add the connections to the dashboard so that we can which VPNs are up and the traffic flowing through them quickly. We've created a dashboard for our client VPNs, and we would like something like this (at the time of taking this no one is on our VPN). 

I can figure out which drop down in the widgets to use. 

6 Replies 6

Greg Smalley
Level 1
Level 1

The widgets on the dashboard are only for Remote Access VPN.  The only way really to monitor Site to Site VPN tunnels is via Health Events. (System -> Health -> Events -> VPN Status.)

Thank you. We knew the VPN Status in the System Health but were wanting a way to easily, look at a dashboard and tell if a tunnel was up and healthy. It seems there is no way to do this currently in FirePower.

I have been looking for this as well. We had a list of active site to site connections in the ASA. The ability to see what VPN sessions are active is a basic function of the device.

robertyoung
Level 1
Level 1

Now 3 years on and STILL I cannot find a way to present a nice widget on the dashboard showing our S2S VPNs.

How is something so fundamentally simple missing from the FMC?

** EDIT ** sorry, I missed that you wanted to add the info to the dashboard, I agree it's missing

You can go to devices -> Site to Site Monitoring
This doesn't work for policy based VPN, though.

You can check ipsec sa status by clicking the small eye next to the Node A name when you hover over the item, then you will see output from "show crypto ipsec sa peer x.x.x.x" command (validating if tunnel is up and encap/decaps) in the CLI pane to the right.

Not the ideal solution, but it IS possible.

Review Cisco Networking for a $25 gift card