VPN Tunnel monitoring
Moderators: Developers, Moderators
dbrummer,
I'm very new to cacti but would like to use your script to gather data from our ASA device.
Since the ASA uses different MIB's I'll have to change them.
I found out that I can get the peer IP's with this MIB: 1.3.6.1.4.1.9.9.171.1.2.3.1.7.X
Received packets: enterprises.9.9.171.1.3.2.1.32.X
Send packets: enterprises.9.9.171.1.3.2.1.45.X
I can easily adapt your script to use these new MIB's.
Can you provide me with the query script xml file for this to load into Cacti? I'm not sure how I can build this myself (cacti-noob-talking)
Thanks!
I'm very new to cacti but would like to use your script to gather data from our ASA device.
Since the ASA uses different MIB's I'll have to change them.
I found out that I can get the peer IP's with this MIB: 1.3.6.1.4.1.9.9.171.1.2.3.1.7.X
Received packets: enterprises.9.9.171.1.3.2.1.32.X
Send packets: enterprises.9.9.171.1.3.2.1.45.X
I can easily adapt your script to use these new MIB's.
Can you provide me with the query script xml file for this to load into Cacti? I'm not sure how I can build this myself (cacti-noob-talking)
Thanks!
aquila125,
Just what I am looking for, but how can i tell which OID is for what peer?
I issue the following to get the peers:
snmpwalk -v 1 -c community x.x.x.x 1.3.6.1.4.1.9.9.171.1.2.3.1.7
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.7 = STRING: "69.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.9 = STRING: "193.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.27 = STRING: "142.x.x.x"
and I see my Tunnel peers, awesome....but then I execute the tx/rx ones you posted:
snmpwalk -v 1 -c community x.x.x.x 1.3.6.1.4.1.9.9.171.1.3.2.1.32
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.14 = Counter32: 2053927579
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.15 = Counter32: 20499255
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.16 = Counter32: 59644
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.17 = Counter32: 92451453
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.18 = Counter32: 42574699
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.19 = Counter32: 9964751
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.20 = Counter32: 2407151
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.21 = Counter32: 442837
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.168 = Counter32: 5961323
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.507 = Counter32: 538955
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.689 = Counter32: 17708799
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.690 = Counter32: 444305
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.692 = Counter32: 4503
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.759 = Counter32: 189532
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.760 = Counter32: 11066
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.761 = Counter32: 2831
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.762 = Counter32: 24
How do i know what TX is for what peer?
Update: so yea, i need to know how to find out which entry goes to what tunnel i have when issuing a snmpwalk against 1.3.6.1.4.1.9.9.171.1.3.2.1 on the ASA
Just what I am looking for, but how can i tell which OID is for what peer?
I issue the following to get the peers:
snmpwalk -v 1 -c community x.x.x.x 1.3.6.1.4.1.9.9.171.1.2.3.1.7
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.7 = STRING: "69.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.9 = STRING: "193.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.27 = STRING: "142.x.x.x"
and I see my Tunnel peers, awesome....but then I execute the tx/rx ones you posted:
snmpwalk -v 1 -c community x.x.x.x 1.3.6.1.4.1.9.9.171.1.3.2.1.32
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.14 = Counter32: 2053927579
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.15 = Counter32: 20499255
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.16 = Counter32: 59644
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.17 = Counter32: 92451453
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.18 = Counter32: 42574699
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.19 = Counter32: 9964751
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.20 = Counter32: 2407151
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.21 = Counter32: 442837
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.168 = Counter32: 5961323
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.507 = Counter32: 538955
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.689 = Counter32: 17708799
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.690 = Counter32: 444305
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.692 = Counter32: 4503
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.759 = Counter32: 189532
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.760 = Counter32: 11066
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.761 = Counter32: 2831
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.762 = Counter32: 24
How do i know what TX is for what peer?
Update: so yea, i need to know how to find out which entry goes to what tunnel i have when issuing a snmpwalk against 1.3.6.1.4.1.9.9.171.1.3.2.1 on the ASA
oh wait i think i got it....
so:
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.7 = STRING: "69.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.9 = STRING: "193.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.27 = STRING: "142.x.x.x"
then:
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.168 = INTEGER: 7
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.507 = INTEGER: 9
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.689 = INTEGER: 27
then:
(rx)
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.14 = Counter32: 2054840717
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.15 = Counter32: 20513721
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.16 = Counter32: 59703
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.17 = Counter32: 92654790
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.18 = Counter32: 42852158
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.19 = Counter32: 10006265
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.20 = Counter32: 2409455
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.21 = Counter32: 443150
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.168 = Counter32: 5973914
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.507 = Counter32: 541253
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.689 = Counter32: 17767814
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.690 = Counter32: 444419
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.692 = Counter32: 4527
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.759 = Counter32: 383112
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.760 = Counter32: 19613
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.761 = Counter32: 8791
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.762 = Counter32: 51
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.763 = Counter32: 357
(tx)
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.14 = Counter32: 1211751983
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.15 = Counter32: 24053445
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.16 = Counter32: 92334
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.17 = Counter32: 108325220
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.18 = Counter32: 36267204
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.19 = Counter32: 7142011
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.20 = Counter32: 2412909
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.21 = Counter32: 568791
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.168 = Counter32: 6305735
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.507 = Counter32: 497502
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.689 = Counter32: 27768398
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.690 = Counter32: 445670
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.692 = Counter32: 3895
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.759 = Counter32: 411479
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.760 = Counter32: 20242
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.761 = Counter32: 8690
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.762 = Counter32: 0
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.763 = Counter32: 298
So from this I can see that the tunnel with peer 69.x.x.x. received 5973914 bits/sec and transfered 6305735 bits/sec , or is that packets (as the cisco oid tool states)....i'd like to get bits/sec so i can graph the bandwidth usage
Correct?
so:
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.7 = STRING: "69.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.9 = STRING: "193.x.x.x"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.27 = STRING: "142.x.x.x"
then:
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.168 = INTEGER: 7
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.507 = INTEGER: 9
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.2.689 = INTEGER: 27
then:
(rx)
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.14 = Counter32: 2054840717
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.15 = Counter32: 20513721
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.16 = Counter32: 59703
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.17 = Counter32: 92654790
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.18 = Counter32: 42852158
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.19 = Counter32: 10006265
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.20 = Counter32: 2409455
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.21 = Counter32: 443150
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.168 = Counter32: 5973914
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.507 = Counter32: 541253
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.689 = Counter32: 17767814
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.690 = Counter32: 444419
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.692 = Counter32: 4527
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.759 = Counter32: 383112
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.760 = Counter32: 19613
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.761 = Counter32: 8791
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.762 = Counter32: 51
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.32.763 = Counter32: 357
(tx)
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.14 = Counter32: 1211751983
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.15 = Counter32: 24053445
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.16 = Counter32: 92334
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.17 = Counter32: 108325220
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.18 = Counter32: 36267204
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.19 = Counter32: 7142011
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.20 = Counter32: 2412909
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.21 = Counter32: 568791
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.168 = Counter32: 6305735
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.507 = Counter32: 497502
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.689 = Counter32: 27768398
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.690 = Counter32: 445670
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.692 = Counter32: 3895
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.759 = Counter32: 411479
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.760 = Counter32: 20242
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.761 = Counter32: 8690
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.762 = Counter32: 0
SNMPv2-SMI::enterprises.9.9.171.1.3.2.1.45.763 = Counter32: 298
So from this I can see that the tunnel with peer 69.x.x.x. received 5973914 bits/sec and transfered 6305735 bits/sec , or is that packets (as the cisco oid tool states)....i'd like to get bits/sec so i can graph the bandwidth usage
Correct?
I think I got it working on my ASA 5510!
I adapted the script so it's a bit faster and cleaner. I added a parameter (ASA or CONCENTRATOR) and remove the rx/tx parameters. Both values will be returned now (since that is what you most likely want).
I'm not sure that the Concentrator works since I'm not able to test it.
<EDIT>
I uploaded a new version of the script.
I noticed that I had several entries in my asa related to a certain PEER ID, so now I accumulate all the values of those OID's. The result seems to match my test (running an FTP session over an further unused vpn tunnel and the results are correct.
<EDIT2>
I noticed that if the tunnel is not up when the snmp call is running, no data is returned. This means that if the tunnel was up for a short time (and transmitting data) it is not always shown in the charts... There is not much you can do about this except shortening the checking interval...
I adapted the script so it's a bit faster and cleaner. I added a parameter (ASA or CONCENTRATOR) and remove the rx/tx parameters. Both values will be returned now (since that is what you most likely want).
I'm not sure that the Concentrator works since I'm not able to test it.
<EDIT>
I uploaded a new version of the script.
I noticed that I had several entries in my asa related to a certain PEER ID, so now I accumulate all the values of those OID's. The result seems to match my test (running an FTP session over an further unused vpn tunnel and the results are correct.
<EDIT2>
I noticed that if the tunnel is not up when the snmp call is running, no data is returned. This means that if the tunnel was up for a short time (and transmitting data) it is not always shown in the charts... There is not much you can do about this except shortening the checking interval...
- Attachments
-
- lan2lan_cisco.pl
- Perl script. Put this in the <cacti>/site/scripts folder.
- (4.7 KiB) Downloaded 1516 times
-
- cacti_graph_template_cisco_vpn_tunnel.xml
- The graph and data template. Import this in Cacti
- (13.43 KiB) Downloaded 1107 times
Last edited by aquila125 on Fri Nov 02, 2007 10:10 am, edited 3 times in total.
Thanks for getting those done! but my graphs are all showing 0 (not nan)...looking at the log file it shows its getting results, just not filling in the graphs...
11/06/2007 10:30:04 AM - CACTID: Poller[0] Host[57] DS[5788] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:3833585954 TX:3506554089
11/06/2007 10:30:05 AM - CACTID: Poller[0] Host[57] DS[5790] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:3108853293 TX:870654177
11/06/2007 10:30:06 AM - CACTID: Poller[0] Host[57] DS[5791] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:1505731407 TX:2355827662
11/06/2007 10:30:07 AM - CACTID: Poller[0] Host[57] DS[5789] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:5621384918 TX:2813901160
11/06/2007 10:30:04 AM - CACTID: Poller[0] Host[57] DS[5788] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:3833585954 TX:3506554089
11/06/2007 10:30:05 AM - CACTID: Poller[0] Host[57] DS[5790] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:3108853293 TX:870654177
11/06/2007 10:30:06 AM - CACTID: Poller[0] Host[57] DS[5791] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:1505731407 TX:2355827662
11/06/2007 10:30:07 AM - CACTID: Poller[0] Host[57] DS[5789] SCRIPT: perl /www/htdocs/cacti/scripts/lan2lan_cisco.pl mysnmpcommunity 192.168.95.7 some_remote_peer ASA, output: RX:5621384918 TX:2813901160
- Attachments
-
- 1.jpg (65.1 KiB) Viewed 10718 times
Last edited by nduda78 on Tue Nov 06, 2007 10:34 am, edited 1 time in total.
ok waiting...i know first poll creates the graphs (showing NAN), then second usually fills the data in...ill post back in 15-20 minaquila125 wrote:Just delete the files from the filesystem (site/rrd if I'm correct). You can find the names of the RRD's in the data sources.
You also need to wait for 2 intervals before the nr's are filled in. (default interval is 5 mins, so make sure you wait 10-15 mins, then you should see the first data)
Who is online
Users browsing this forum: No registered users and 0 guests