04-04-2011 07:27 AM
I need to be able to monitor static VPN L2L tunnels on an ASA running 8.2 and above. I know you can snmp query for the tunnel count but how can you see individual tunnel status as they change thier SA ID etc... frequently? Any help would be appreciated.
04-04-2011 12:06 PM
Hi there.
Well ... I'm afarid I don't have quick answer for you.
What I suggest is to dig into
show snmp-server oidlist
(it will not autocomplete)
What I would like to point out:
[361] 1.3.6.1.4.1.9.9.171.1.2.3.1.19. cikeTunInOctets
[498] 1.3.6.1.4.1.9.9.171.1.4.2.1.1.23. cikeTunHistInOctets
[495] 1.3.6.1.4.1.9.9.171.1.4.2.1.1.20. cikeTunHistActiveTime
Not sure it this is what you're looking for.
Marcin
04-04-2011 12:33 PM
Thanks. That's a great place to start. I will do some testing on those OID values and see what I can get out of it.
-Jake
04-04-2011 12:45 PM
Jake,
Good luck :-)
I just realized I made a mistake.
There are two families
cikeTun..., cikeTunHist
I believe you will be insterested in cikeTun not cikeTunHist ;-)
Marcin
04-04-2011 12:48 PM
Check
Advantage of VPNTTG over other SNMP based monitoring software’s is following: Other (commonly used) software’s are working with static OID numbers, i.e. whenever tunnel disconnects and reconnects, it gets assigned a new OID number. This means that the historical data, gathered on the connection, is lost each time. However, VPNTTG works with VPN peer’s IP address and it stores for each VPN tunnel historical monitoring data into the SQL server and into the RRD (Round Robin Database) file.
HTH
Roberto Taccon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide