03-02-2005 09:20 PM - edited 02-21-2020 01:38 PM
Does anyone have the OID for when a VPN connection is "active" on an 831? I'm using EzVPN. Is there an OID for IPSEC connection status?
I want to incorporate an IOD into MRTG or Big Brother for tracking up/downtime on a VPN connection.
03-02-2005 10:40 PM
These oid's may be helpful
1.3.6.1.4.1.9.9.171.1.2.1.1 cikeGlobalActiveTunnels
1.3.6.1.4.1.9.9.171.1.3.1.1 cipSecGlobalActiveTunnels
Or you can snmpwalk this mib:
ciscoIpSecFlowMonitorMIB 1.3.6.1.4.1.9.9.171
which is supported by the 831 router, and look for the specific oid that you need.
If you find this helpful, please share your findings.
Regards,
Mustafa
03-03-2005 04:58 PM
Mustafa,
I find that when a tunnel sa goes down or expires, the index instance, the value of that tunnel session, changes. So if I use this OID to monitor this active tunnel, and it bounces, our nms is still monitoring the old instance value. We have to manually initiate a rediscovery. Besides upgrading our nms, (I wish), do you have any other suggestions.
Thank you!
TC
03-03-2005 09:32 PM
I'm monitoring:
1.3.6.1.4.1.9.9.171.1.2.1.1.0
and
1.3.6.1.4.1.9.9.171.1.3.1.1.0
These OIDs don't change on my 831 and seem to be pretty reliable for determining ike and ipsec status respectively. I'm initiating an EzVPN connection from my 831 to a 3080.
03-03-2005 09:01 PM
That seems to be right on the money. Thank you! I'm going to have hours of fun trying to figure out what all these values mean under "ciscoIpSecFlowMonitorMIB "
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide