Page 1 of 1
Pfsense ipsec tunnel status monitoring in nagios
Posted: Thu Aug 24, 2017 5:28 am
by DhavalOza
Hello,
How to configure pfsense 2.3.4 ipsec tunnels status check in nagios server ?
Thanks and regards,
Dhaval Oza
Re: Pfsense ipsec tunnel status monitoring in nagios
Posted: Thu Aug 24, 2017 9:19 am
by mcapra
I recall a thread a while back that did similar things:
https://support.nagios.com/forum/viewto ... 16&t=42459
There's also a few pfsense plugins on the
nagios exchange, but none of them seem to keep track of ipsec tunnel status.
Do you have a command you can run that displays the ipsec status (if so, please share it with the output)? I can't find any SNMP OIDs in pfsense that report the status for ipsec tunnels.
Re: Pfsense ipsec tunnel status monitoring in nagios
Posted: Thu Aug 24, 2017 3:11 pm
by tgriep
Thanks for the help
@mcapra.
@ DhavalOza You may want to take a look at this link from pfsense's forums.
https://forum.pfsense.org/index.php?topic=134397.0
Re: Pfsense ipsec tunnel status monitoring in nagios
Posted: Mon Aug 28, 2017 12:50 am
by DhavalOza
DhavalOza wrote:Hello,
How to configure pfsense 2.3.4 ipsec tunnels status check in nagios server ?
Thanks and regards,
Dhaval Oza
Hello,
Which script install in PFsense 2.3.4 ?
Please step by step guide.
Thanks & regards,
Dhaval Oza
Re: Pfsense ipsec tunnel status monitoring in nagios
Posted: Mon Aug 28, 2017 11:01 am
by mcapra
Unfortunately, I was unable to find a step-by-step guide. Some intuition and research will be needed. I unfortunately do not have a pfSense device to test against.
Re: Pfsense ipsec tunnel status monitoring in nagios
Posted: Mon Aug 28, 2017 1:22 pm
by tgriep
Same here, we do not have a pfsense device for testing so there is not a step by step guide.
In that link is an example the testing the interfaces using the check_snmp plugin.
Nagios service:
The (-R [1345]) is regex for anything but 2, which is a down status)
define service{
use generic-service,srv-pnp
host_name pfsense
service_description Interface: Outside [wan_stf]
check_command check_snmp!-C CommunityString -o .1.3.6.1.2.1.2.2.1.8.13 -R "[1345]"
}
You could use that example for testing of the tunnel status if you can get the OID information from pfsense and replace it in the command -o option.
Re: Pfsense ipsec tunnel status monitoring in nagios
Posted: Wed Jan 24, 2018 4:12 pm
by treetop
I know this thread is a little dated, but I have put together a collection of plugins for monitoring pfSense with Nagios and those scripts can be found on Nagios Exchange (1st link below). I specifically use Nagios XI, but other users who went through the process stated it works with Nagios Core as well with a few modifications. The plugins can monitor VPN/IPSEC tunnels, CPU, memory, pfSense services, interfaces, state table, version, and more! I've also written a guide on how to monitor via SSH instead of NRPE (2nd link below). Hopefully it helps someone!
https://exchange.nagios.org/directory/P ... 29/details
https://www.linuxincluded.com/monitorin ... sh-part-1/
Re: Pfsense ipsec tunnel status monitoring in nagios
Posted: Wed Jan 24, 2018 4:39 pm
by tgriep
Thanks
@treetop for links and the help.