check_vpn_status for IKEv2

This forum is intended for the discussion of Nagios plugin development. Feature requests, patches, bug fixes, and all types of development-related discussions are welcome!

NOTE: The SourceForge.net nagiosplug-devel mailing list has been deprecated in favor of this forum in order to expedite support and provide additional features not available on the old mailing list.

check_vpn_status for IKEv2

Postby Afzal » Thu Oct 05, 2017 10:49 pm

Hi all,

I am currently using existing plugin "check_vpn_status" for all our Cisco ASA's vpn tunnels using IKEv1 but the plugin does not help on tunnels with IKEv2.

I did manual snmpwalk on OID 1.3.6.1.4.1.9.9.171.1.2.3.1.7 and the outcome did not include IKEv2 tunnel peer addresses.

Checked further if I could find a different OID which returns with both IKEv1 and IKEv2 and came up with below.

1.3.6.1.4.1.9.9.392.1.3.21.1.2

Tested using manual snmpwalk and confirmed both IKE versions peer addresses present when tunnels are up.

As my perl skills are next to none, yet I tried tweaking existing check_vpn_status file by replacing old OID with the new one and it failed.

Can anyone assist please. Or any existing plugin please?
Afzal
 
Posts: 2
Joined: Thu Oct 05, 2017 10:38 pm

Re: check_vpn_status for IKEv2

Postby tgriep » Fri Oct 06, 2017 2:29 pm

Instead of rewriting the plugin, you can use the check_snmp plugin and specify the OID in the command and that may work for you.
I found this link that has an example of doing that.
http://www.slsmk.com/monitor-asa-vpn-sessions-via-snmp/
Just update the OID with the correct one and see how it works out for you.
Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 6164
Joined: Thu Oct 30, 2014 9:02 am

Re: check_vpn_status for IKEv2

Postby Afzal » Wed Oct 11, 2017 2:38 am

Thanks for your suggestion tgriep. I used nano to edit the original "check_vpn_status" plugin file and replaced oid. It worked.
Afzal
 
Posts: 2
Joined: Thu Oct 05, 2017 10:38 pm

Re: check_vpn_status for IKEv2

Postby tgriep » Wed Oct 11, 2017 9:05 am

That is good news. As long as it is working for you, I'll mark the post as solved and lock it up. Feel free to open a new post in the future.
Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 6164
Joined: Thu Oct 30, 2014 9:02 am


Return to Nagios Plugin Development

Who is online

Users browsing this forum: No registered users and 1 guest