monitor vpn status

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
thennessey
Posts: 13
Joined: Tue Feb 05, 2013 10:33 am

monitor vpn status

Post by thennessey »

I am monitoring my Sonicwall's uptime, CPU, RAM, connections, however when I try to monitor VPN status, i'm not getting back any data from the host. When I look at this OID in my MIB browser, it looks different than the others. In iReasoning brower, the other OID's i'm monitoring have a green icon. This one has an orange one. I assume this means it is different and has to be set up differently?

This is the info shown in iReasoning browser for this OID
sWfWTrapIpSecTunnel
.1.3.6.1.4.1.8741.1.1.2.0.4
MIB SONICWALL-FIREWALL-TRAP-MIB
Syntax (blank)
Access (blank)
Status Current
DefVal (blank)
Objects swTrapInfoTrapType, swTrapInfoTrapDescription, swTrapInfoSaName, swTrapInfoFwSrlNumber, swTrapInfoSaStatus, swTrapInfoSrcAddrBegin, swTrapInfoSrcAddrEnd, swTrapInfoDstAddrBegin, swTrapInfoDstAddrEnd, swTrapInfoGateway, swTrapInfoIsDHCPCentral
Descr This trap indicates that there has bee a change in the IPSec tunnel status along with
the parameters required to indentify the tunnel .

When I run this command from Nagios, I get nothing back. I've tried other variations.
snmpwalk -v1 -c jrcommunity 10.10.100.2 AGENT .1.3.6.1.4.1.8741.1.1.2.0.4

What am I doing wrong here? Thanks!
Top
sreinhardt
-fno-stack-protector
Posts: 4366
Joined: Mon Nov 19, 2012 12:10 pm

Re: monitor vpn status

Post by sreinhardt »

Based on the names, it would appear that these are snmp traps and not something that you can query. Traps have to setup for the device to send you nagios(or another device) and registered there. They are sent when some form of actionable state change happens, such as a new peer connecting to the VPN or it getting dropped entirely. You may want to look at http://assets.nagios.com/downloads/nagi ... ith_XI.pdf
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Top
thennessey
Posts: 13
Joined: Tue Feb 05, 2013 10:33 am

Re: monitor vpn status

Post by thennessey »

I think I already have Nagios set up to be able to receive traps. When I followed the directions in your guide, at the yum install command. It says:


[root@nagios tmp]# yum --nogpgcheck localinstall snmptt-1.3-3.nagios.noarch.rpm
Loaded plugins: fastestmirror, security
Setting up Local Package Process
Examining snmptt-1.3-3.nagios.noarch.rpm: snmptt-1.3-3.nagios.noarch
snmptt-1.3-3.nagios.noarch.rpm: does not update installed package.
Nothing to do

I have also created smtp trap services for my hosts, and it looks like they are running, waiting for traps.

SNMP is configured and working on my firewall.

So to make sure I understand, all of the traps on my firewall are active? If any event that matches that trap happens, it will send out the trap? Or do I somehow have to pick which ones notify Nagios? It's all or nothing, or do I have to pick and choose the traps?

Thanks again!
Top
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:
Contact scottwilkerson

Re: monitor vpn status

Post by scottwilkerson »

You do have to configure the Sonicwall to send the traps to the nagios server.

If you have done this they should appear in XI if snmptt is configured correctly, otherwise you may see them in /var/log/snmptt/snmpttunknown.log
Former Nagios employee
Creator:
Human Design Website
Get Your Human Design Chart
Top
Locked

Return to “Nagios XI”