Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1622
Views
3
Helpful
9
Replies

VPN Monitoring

elovelace256
Level 1
Level 1

‎08-16-2007 06:38 AM - edited ‎02-21-2020 01:38 AM

Is there a way that I can monitor if a vpn tunnel is up or down? I know you can do sh cry isakmp sa or via the asdm but that does not alert me if a tunnel is up or down, or give me any historical data about the tunnel.

I tried via solarwinds but it only lets me monitor the interfaces and not the tunnels.

Does anyone know a good solution or maybe a custom app?

Thanks in advance

-E

0 Helpful
9 Replies 9

Difan Zhao
Level 5
Level 5

‎08-16-2007 10:09 AM

That's what I want to know too! I know there are two snmp commands

snmp-server enable traps isakmp tunnel start

snmp-server enable traps isakmp tunnel stop

I didnt test them yet. You may want to try it.

By the way, what kind of VPN are you using? I am updating my VPN from IPsec+GRE to DMVPN. Will these commands work on both kinds of VPN?

elovelace256
Level 1
Level 1
In response to Difan Zhao

‎08-16-2007 12:50 PM

I am unning a pair of asa's with ipsec+GRE tunnels.

I tried both snmp commands and I could only impliment ipsec and not isakmp.

However I did find that cisco works has some monitoring tools included but I don't know the cost.

I would have thought there is an easy way.

I used to work for Siemens business services. Great company to work for.

0 Helpful

Not applicable

‎08-17-2007 09:37 AM

E,

There are other tools on the market which can do what you are asking for,

~R

0 Helpful

elovelace256
Level 1
Level 1
In response to

‎08-29-2007 04:58 AM

Do you know the names of the tools?

0 Helpful

beecher
Cisco Employee
Cisco Employee

‎08-31-2007 10:09 AM

Included with Cisco Security Manager is an application called Performance Monitor, which supports the monitoring of remote-access and site-to-site VPNs. Links:

Security Manager:

http://www.cisco.com/go/csmanager

Performance Monitor User Guide:

http://www.cisco.com/en/US/products/ps6498/products_user_guide_book09186a00806b7a60.html

Performance Monitor originates from the previous security managment product called CiscoWorks VMS and is currently not undergoing much further enhancement. We would like to introduce an updated security-related health and performance monitoring capability on-par with Security Manager, but no definite word yet.

Security Manager and Performance Monitor can be downloaded and used for up to 90 days for evaluation.

0 Helpful

elovelace256
Level 1
Level 1
In response to beecher

‎08-31-2007 10:26 AM

Does it also provide notifications if a tunnel goes down?

0 Helpful

beecher
Cisco Employee
Cisco Employee
In response to elovelace256

‎08-31-2007 10:34 AM

Yes, there is an event browser in the application GUI itself and also the ability to configure email, syslog, or SNMP trap notifications for changes in tunnel status.

0 Helpful

khinze
Level 1
Level 1

‎09-13-2007 06:54 AM

Anyone tried NMIS or Cacti? Cacti looks like it will provide this. I am trying to get this working and can post if interested. We own CSM but have yet to figure out how to set it up to monitor devices.

0 Helpful

merabtavart
Level 1
Level 1

‎07-22-2011 01:05 AM

Check

http://www.vpnttg.com/

Advantage   of VPNTTG over other SNMP based monitoring software’s is  following:   Other (commonly used) software’s are working with static OID  numbers,   i.e. whenever tunnel disconnects and reconnects, it gets  assigned a  new  OID number. This means that the historical data, gathered  on the   connection, is lost each time. However, VPNTTG works with VPN  peer’s  IP  address and it stores for each VPN tunnel historical  monitoring  data  into the SQL server and into the RRD (Round Robin  Database) file.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top