[c-nsp] How to monitor ipsec tunnel
Ben White
ben at cuckoo.org
Fri Jul 31 03:42:40 EDT 2009
You can get a count of the number of tunnels up under
1.3.6.1.4.1.9.9.171.1.3.1.1
http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=cipSecGlobalActiveTunnels
Check min/max values on that?
2009/7/31 Andy Saykao <andy.saykao at staff.netspace.net.au>:
> Hi All,
>
> We've got an IPSEC tunnel configured with another provider for the
> exchange of some sensitive data and I wanted to know if there was a way
> to monitor the IPSEC tunnel to ensure it was up.
>
> We're using a Cisco 3640 running 12.2(46a).
>
> I've checked the mibs for this hardware platform and IOS from the Cisco
> IOS MIB Locator but can't really find any mibs to help me monitor the
> status of the tunnel.
>
> http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
>
> core#sh crypto isakmp sa
> dst src state conn-id slot
> 203.17.98.x 203.41.142.x QM_IDLE 1 0
>
> We are trying to monitor the IPSEC tunnel using nagios.
>
> Cheers.
>
> Andy
>
> This email and any files transmitted with it are confidential and intended
> solely for the use of the individual or entity to whom they are addressed.
> Please notify the sender immediately by email if you have received this
> email by mistake and delete this email from your system. Please note that
> any views or opinions presented in this email are solely those of the
> author and do not necessarily represent those of the organisation.
> Finally, the recipient should check this email and any attachments for
> the presence of viruses. The organisation accepts no liability for any
> damage caused by any virus transmitted by this email.
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
--
Ben
More information about the cisco-nsp
mailing list