Pfsense ipsec tunnel status monitoring in nagios

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
DhavalOza
Posts: 2
Joined: Thu Aug 24, 2017 5:23 am

Pfsense ipsec tunnel status monitoring in nagios

Post by DhavalOza »

Hello,

How to configure pfsense 2.3.4 ipsec tunnels status check in nagios server ?

Thanks and regards,

Dhaval Oza
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Pfsense ipsec tunnel status monitoring in nagios

Post by mcapra »

I recall a thread a while back that did similar things:
https://support.nagios.com/forum/viewto ... 16&t=42459

There's also a few pfsense plugins on the nagios exchange, but none of them seem to keep track of ipsec tunnel status.

Do you have a command you can run that displays the ipsec status (if so, please share it with the output)? I can't find any SNMP OIDs in pfsense that report the status for ipsec tunnels.
Former Nagios employee
https://www.mcapra.com/
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: Pfsense ipsec tunnel status monitoring in nagios

Post by tgriep »

Thanks for the help @mcapra.
@ DhavalOza You may want to take a look at this link from pfsense's forums.
https://forum.pfsense.org/index.php?topic=134397.0
Be sure to check out our Knowledgebase for helpful articles and solutions!
DhavalOza
Posts: 2
Joined: Thu Aug 24, 2017 5:23 am

Re: Pfsense ipsec tunnel status monitoring in nagios

Post by DhavalOza »

DhavalOza wrote:Hello,

How to configure pfsense 2.3.4 ipsec tunnels status check in nagios server ?

Thanks and regards,

Dhaval Oza

Hello,

Which script install in PFsense 2.3.4 ?

Please step by step guide.

Thanks & regards,

Dhaval Oza
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Pfsense ipsec tunnel status monitoring in nagios

Post by mcapra »

Unfortunately, I was unable to find a step-by-step guide. Some intuition and research will be needed. I unfortunately do not have a pfSense device to test against.
Former Nagios employee
https://www.mcapra.com/
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: Pfsense ipsec tunnel status monitoring in nagios

Post by tgriep »

Same here, we do not have a pfsense device for testing so there is not a step by step guide.
In that link is an example the testing the interfaces using the check_snmp plugin.
Nagios service:
The (-R [1345]) is regex for anything but 2, which is a down status)

define service{
use generic-service,srv-pnp
host_name pfsense
service_description Interface: Outside [wan_stf]
check_command check_snmp!-C CommunityString -o .1.3.6.1.2.1.2.2.1.8.13 -R "[1345]"
}
You could use that example for testing of the tunnel status if you can get the OID information from pfsense and replace it in the command -o option.
Be sure to check out our Knowledgebase for helpful articles and solutions!
treetop
Posts: 7
Joined: Thu Sep 21, 2017 1:45 pm

Re: Pfsense ipsec tunnel status monitoring in nagios

Post by treetop »

I know this thread is a little dated, but I have put together a collection of plugins for monitoring pfSense with Nagios and those scripts can be found on Nagios Exchange (1st link below). I specifically use Nagios XI, but other users who went through the process stated it works with Nagios Core as well with a few modifications. The plugins can monitor VPN/IPSEC tunnels, CPU, memory, pfSense services, interfaces, state table, version, and more! I've also written a guide on how to monitor via SSH instead of NRPE (2nd link below). Hopefully it helps someone!

https://exchange.nagios.org/directory/P ... 29/details
https://www.linuxincluded.com/monitorin ... sh-part-1/
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: Pfsense ipsec tunnel status monitoring in nagios

Post by tgriep »

Thanks @treetop for links and the help.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Locked