08-26-2010 06:17 AM
Does SNMP allows to query the device to get the VPN users who are alive?
I need to produce a trend report for VPN user connections to my management. If there exists an OID to query, it would help me.
I appreciate any help in directing me to appropriate doc or MIB file for my own analysis.
Cheers
-Senthil-
Solved! Go to Solution.
08-26-2010 06:30 AM
Hey Senthil,
I think this is the link you are looking for:
and more particularly you might be interested in the following MIB:
http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&mibName=CISCO-REMOTE-ACCESS-MONITOR-MIB
There was a bug that was filed to register the incomplete information registered in these MIBs. The bug number is CSCso02912.
Regards
Atri.
08-26-2010 06:33 AM
This enhancement was performed and new OID's are available for all the information you want, but you need to be on:
8.1(1.101) or 8.2(0.151)
These are the OID's added to CISCO-REMOTE-ACCESS-MONITOR mib to provide sesssion statistics info. :
crasEmailNumSessions (Oid: 1.3.6.1.4.1.9.9.392.1.3.23 )
crasEmailCumulateSessions (Oid: 1.3.6.1.4.1.9.9.392.1.3.24 )
crasEmailPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 25 )
crasIPSecNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 26 )
crasIPSecCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 27 )
crasIPSecPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 28)
crasL2LNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 29 )
crasL2LCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 30 )
crasL2LPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 31 )
crasLBNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 32 )
crasLBCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 33 )
crasLBPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.34 )
crasSVCNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 35 )
crasSVCCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 36 )
crasSVCPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.37)
crasWebvpnNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 38 )
crasWebvpnCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.39 )
crasWebvpnPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 40 )
10-02-2010 05:23 PM
08-26-2010 06:30 AM
Hey Senthil,
I think this is the link you are looking for:
and more particularly you might be interested in the following MIB:
http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&mibName=CISCO-REMOTE-ACCESS-MONITOR-MIB
There was a bug that was filed to register the incomplete information registered in these MIBs. The bug number is CSCso02912.
Regards
Atri.
08-26-2010 06:33 AM
This enhancement was performed and new OID's are available for all the information you want, but you need to be on:
8.1(1.101) or 8.2(0.151)
These are the OID's added to CISCO-REMOTE-ACCESS-MONITOR mib to provide sesssion statistics info. :
crasEmailNumSessions (Oid: 1.3.6.1.4.1.9.9.392.1.3.23 )
crasEmailCumulateSessions (Oid: 1.3.6.1.4.1.9.9.392.1.3.24 )
crasEmailPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 25 )
crasIPSecNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 26 )
crasIPSecCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 27 )
crasIPSecPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 28)
crasL2LNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 29 )
crasL2LCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 30 )
crasL2LPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 31 )
crasLBNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 32 )
crasLBCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 33 )
crasLBPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.34 )
crasSVCNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 35 )
crasSVCCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 36 )
crasSVCPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.37)
crasWebvpnNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 38 )
crasWebvpnCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.39 )
crasWebvpnPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 40 )
08-27-2010 01:04 AM
Hi Atri,
Many thanks for your ideas. It is really helpful to produce a trend report.
With your directions I have planned to produce "Live user detail" report beyond the trend report. I found the below information usefull to produce "Live user detail" report from Object crasSessionEntry - 1.3.6.1.4.1.9.9.392.1.3.21.1.
username of the session - crasUsername 1.3.6.1.4.1.9.9.392.1.3.21.1.1
duration of the session - crasSessionDuration 1.3.6.1.4.1.9.9.392.1.3.21.1.6
session type - crasSessionProtocol 1.3.6.1.4.1.9.9.392.1.3.21.1.11. The values of crasSessionProtocol are
1:other
2:ipsec
3:l2tp
4:l2tpoveripsec
5:pptp
6:l2f
7:ssl
I believe my above assumptions were right.
Thank you
-Senthil-
08-27-2010 06:23 AM
Hey Senthil,
I am glad I could be of assistance. If your question is answered please mark it as such and also rate the answer as it well help others locate this response faster.
If however you have any further questions regarding this issue then please let me know.
Regards,
Atri.
09-20-2010 07:40 AM
Hi Atri,
The Object name crasSessionTable in CISCO-REMOTE-ACCESS-MONITOR-MIB gives the remote access connection details.
crasSessionTable -> "This table lists all the currently active sessions.For each session, it lists the attributes (user,group, protocol, security), statistics packet and octets) and status."
But when I browse through the ALTIGA-SESSION-STATS-MIB, I see the below Object names as well
alActiveSessionTable (1.3.6.1.4.1.3076.2.1.2.17.2) -> "List of active sessions."
alPptpStatsSessionTable (1.3.6.1.4.1.3076.2.1.2.3.3) -> "List of active sessions within tunnels."
Does ALTIGA-SESSION-STATS-MIB serves a different purpose? Or the same info is repetitive in CISCO-REMOTE-ACCESS-MONITOR-MIB?
Cheers
Senthil.S
09-29-2010 09:06 AM
Hey Senthil,
My apologies for the delayed response. Altiga Networks was a company that was acquired by Cisco which used to provide Virtual Private Networking in the US. The ALTIGA-SESSION-STATS-MIB was the MIB they had created for their sessions. It is highly likely that when the company was acquired to provide backward compatibility this MIB was retained while an indigenous MIB, the CISCO-REMOTE-ACCESS-MONITOR-MIB. This might have resulted in replication.
I would suggest that you use the CISCO-REMOTE-ACCESS-MONITOR-MIB.
Regards,
Atri.
10-02-2010 05:23 PM
10-04-2010 12:28 AM
Hi Puseth,
Many thanks you for the reference. Your post is very descriptive. I will check this in my device and then rate it.
Hi Atri,
I thank you for clarifying the difference between ALTIGA-SESSION-STATS-MIB and CISCO-REMOTE-ACCESS-MONITOR-MIB.
-Cheers-
Senthil
03-23-2018 06:13 AM - edited 03-23-2018 06:21 AM
I achieved this by using the following OID's:
This way you can easily track if your VPN-utilization (sessions & users) is trending towards your license-limit or HW-limit.
GReetz,
S.
03-24-2024 08:26 AM
Hello,
Check out VPNTTG (VPN Tunnel Traffic Grapher) is a software for SNMP monitoring and measuring the traffic load for IPsec (Site-to-Site, Remote Access) and SSL (With Client, Clientless) VPN tunnels on a Cisco ASA. It allows the user to see traffic load on a VPN tunnel over time in graphical form.
Advantage of VPNTTG over other SNMP based monitoring software's is following: Other (commonly used) software's are working with static OID numbers, i.e. whenever tunnel disconnects and reconnects, it gets assigned a new OID number. This means that the historical data, gathered on the connection, is lost each time. However, VPNTTG works with VPN peer's IP address and it stores for each VPN tunnel historical monitoring data into the Database.
For more information about VPNTTG please visit www.vpnttg.com
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide