[collectd] ASA VPN tunnel monitoring

Sjoerd de Vries SdeVries at globecomm-europe.com
Wed Feb 26 18:24:26 CET 2014 

Hi Bill

The entity mib doesn't offer any specific information, only general capabilites. 

I did found a text based OID containing the IP in another table. 1.3.6.1.4.1.9.9.171.1.2.3.1.7 (the phase one table). But that one is also on a dynamic index, it is however referenced by 1.3.6.1.4.1.9.9.171.1.3.2.1.2 (that is .2 of the table of interest)

[sdevries at graph1 ~]$ snmpwalk -v 1 -c public 10.2.11.251 1.3.6.1.4.1.9.9.171.1.3.2.1.2
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.5384 = INTEGER: 5328896
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.5576 = INTEGER: 6373376
[sdevries at graph1 ~]$ snmpwalk -v 1 -c public 10.2.11.251 1.3.6.1.4.1.9.9.171.1.2.3.1.7
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.5328896 = STRING: "<IP address of interest>"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.6373376 = STRING: "<IP address of interest>"
 
So I tried to use 1.3.6.1.4.1.9.9.171.1.2.3.1.7 in collectd as the Instance, but I guess the instance has to come from the same table as this is not working.



Kind Regards,
Sjoerd



________________________________________
From: Bill Schwanitz <bilsch at gmail.com>
Sent: Wednesday, February 26, 2014 2:34 PM
To: Sjoerd de Vries
Cc: collectd at verplant.org
Subject: Re: [collectd] ASA VPN tunnel monitoring

On Feb 26, 2014, at 6:44 AM, Sjoerd de Vries <SdeVries at globecomm-europe.com> wrote:

> The data is in a table (1.3.6.1.4.1.9.9.171.1.3.2) but the index is a new int for every tunnel. In other words a tunnel goes down, comes back up and has a new index.
> In collectd I put the Index on the remote address (1.3.6.1.4.1.9.9.171.1.3.2.1.5) however this is an IP in hex format. Pushing the data to graphite then results in some strange label values (direct HEX to ASCII).

Sjoerd,

Is there a lookup table which has the connection name instead of the ip address?

Just a guess, but look at https://supportforums.cisco.com/docs/DOC-1295#ENTITYMIB - the entity mib. I would imagine the vpn tunnels would show up in the entLogicalTable - hopefully there is a translation to a string/name in there or something

bill

More information about the collectd mailing list