Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

SNMP MIB Files SW-SMI.MIB - any development?

BWCBWC Cybersecurity Overlord ✭✭✭
edited September 16 in Entry Level Firewalls

Hi,

in 2009 Mike renamed the SW-SMI.MIB file to SONICWALL-SMI.MIB, but the old file is still in the archive which comes accompanying with firmware releases. Can anyone of the SNWL fellows maybe forward this to the SNMP guys?

But more importantly, is there any development for the SNMP subsystem? There were no changes for years, but I guess there is some demand for having it extended? First things that come into my mind are VPN monitoring and ARP entries (for populating a NAC) and gathering of license expiration dates would be great.

I know RFE yada yada yada, but maybe the lack of SNMP functionality is already addressed.

--Michael@BWC

Category: Entry Level Firewalls
Reply

Best Answer

Answers

  • shiprasahu93shiprasahu93 Moderator

    Hello Michael@BWC,

    I just wanted to share what I usually use for VPN status and ARP entries. I am sure that there are some developments regarding SNMP but unfortunately, I do not have the list of changes with me.

    VPN traps:

    I usually set the host and SNMP trap community

    Then once the VPN status changes, a trap is automatically sent.

    ARP entries:

    The RFC1213-MIB is very useful which is a standard across many platforms.

    I am using a free SNMP tool, so forgive me for the way this looks. 😅 Also, license expiration details would be actually really helpful! I will try to check internally if something is available or in the road map.

    I hope this is helpful! Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • shiprasahu93shiprasahu93 Moderator
    edited May 31

    Hello Michael@BWC ,

    I just wanted to share the ones that I use for VPN status and ARP entries. I am sure that there are changes on SNMP subsystem but unfortunately I do not have the changes with me.

    VPN status:

    I usually set the host IP and the trap community name.

    Then once the VPN status changes, I receive a trap on my tool.

    ARP entries:

    RFC1213-MIB is very useful for this. It is a standard across many platforms.

    I am using a free SNMP tool, so forgive me for how it looks 😅 The information related to license expiration would be really helpful. I will check internally to see if we have something already or in road map for the same.

    I hope this is useful! Thanks!!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • BWCBWC Cybersecurity Overlord ✭✭✭
    edited June 1

    Hi @shiprasahu93

    thanks, this was some great information to do more research on that. I wasn't even checking for a newer version, but is there a possibility that sometimes in Gen6 the arp cache was made available via SNMP?

    I'am able to gather the information via IP-MIB::ipNetToMediaPhysAddress.<ifIndex> - something even the NAC vendor we work with just not seems to know. In the past (still valid for Gen5) the arp cache was extracted via SSH.

    UPDATE: If you try to get the values for Interface X0 (ifIndex 0) you need to add the Option -Ir to your snmpget/snmpwalk command or you'll end in an Index out of range error.

    The SNMP traps for the VPN monitoring are fine, but we are monitoring external appliances and don't wanna expose our snmpd, for that matter polling would be preferred.

    --Michael@BWC

  • shiprasahu93shiprasahu93 Moderator

    Hello Michael@BWC ,

    I am trying to connect with someone to get more information on this matter. I will update once I have more data.

    Thanks!!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @shiprasahu93

    thanks for checking, now we are getting in an area where the community pays off :)

    --Michael@BWC

  • shiprasahu93shiprasahu93 Moderator
    edited June 1

    😁 Glad I could help! I am big fan of SonicWall Community too! When you ask questions, I learn more. Thanks!!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Sign In or Register to comment.