[ previous ] [ next ] [ threads ]
 From:  "Rob Sharp" <robertsharp at gmail dot com>
 To:  "Paul Dugas" <paul at dugas dot cc>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Montor IPSEC tunnel via SNMP?
 Date:  Tue, 15 Aug 2006 14:13:15 -0400
Your best bet is to ping an IP on the other side of the tunnel.  The SA's
might still be present but the tunnel could still be down.  I have used some
of the Netscreen VPN mib's in the past and they are unreliable, they tell
you if the tunnel is down but if you have an issue with connectivity between
the endpoint  your tunnel can still be established but traffic won't pass.

On 8/15/06, Paul Dugas <paul at dugas dot cc> wrote:
> Been working on getting Nagios going here and have it monitoring the
> physical interfaces of my m0n0wall router (sis0, sis1, sis2).  I'm also
> monitoring the PPPoE interface (ng0).  I've walked the SNMP MIB a few
> times and can't find anything in there on the IPSEC VPN interfaces.  Am
> I missing something or is it not possible to do that yet?
> If not, is there a command in the stock image that would dump the state
> of the tunnels that I could call from exec.php and possibly via an added
> CGI?
> Paul
> --
> Paul Dugas, Computer Engineer                Dugas Enterprises, LLC
> paul at dugas dot cc        phone: 404-932-1355     522 Black Canyon Park
> http://dugas.cc        fax: 866-751-6494     Canton, GA 30114 USA
> --
> This e-mail and any attachments are confidential.  If you receive
> this message in error or are not the intended recipient, you should
> not retain, distribute, disclose or use any of this information and
> you should destroy the e-mail and any attachments or copies.

Robert Sharp
robertsharp at gmail dot com