OID for VPN Stats / Status for Site-2-Site
kayalan
Hi,
I'm looking for OIDs for VPN site-2-site status (Up/Down) and VPN stats, like bytes in/out and errors, for monitoring purposes in Zabbix ...
I did some research on the internet and in this community, and what I got so far is:
The VPN interface index is dynamic, which means it is not possible to have the system assign the index statically;
There are no OIDs available for the requested parameters so far;
Is the status still the same today? In case it does not exist, any forecast?
How can I get status and stats via SNMP or CLI or another kind of access?
Category: High End Firewalls
Answers
What is your firmware version? Did you check the SNMP MIB files on mysonicwall.com?
Hi,
SonicWALL TZ 300 (SonicOS Enhanced 6.5.4.9-93n)
I checked those MIB files:
SONICWALL-FIREWALL-IP-STATISTICS-MIB.mib
without success ...
What I found is shown below ... but it does not have any traffic stats and status ...
I didn't find a VPN status OID. Maybe you can create a network monitor and check whether this probe session is a failure or successful.
If you use a numbered VPN tunnel interface then you can get traffic stats on the interface BUT in some firmware versions it only shows stats for one direction [can't remember if it's TX or RX]. This is more usable than the "normal" VPN tunnels, as the ifIndex is fixed.
For other types of VPN the stats do increment but because the index is dynamic, Zabbix does not handle this very well. I think you would have to write some kind of handler for this to pre-process it before passing to Zabbix, otherwise you will end up with a new "interface" every time the VPN re-keys, and when the tunnel is down there is simply no entry for it [as if it were deleted], rather than an entry that shows as Down.
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatCreateTime.2217233172 = STRING: 12/07/2022 08:43:40
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatCreateTime.3534238860 = STRING: 12/07/2022 10:29:45
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatEncryptPktCount.2217233172 = Counter32: 5938
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatEncryptPktCount.3534238860 = Counter32: 0
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatEncryptByteCount.2217233172 = Counter32: 1303627
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatEncryptByteCount.3534238860 = Counter32: 0
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatDecryptPktCount.2217233172 = Counter32: 5240
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatDecryptPktCount.3534238860 = Counter32: 0
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatDecryptByteCount.2217233172 = Counter32: 1227600
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStatDecryptByteCount.3534238860 = Counter32: 0
Gentlemen,
Thanks for your inputs ... it was very helpful ... I think there is no explicit OID for what I need ... Like other firewalls that I worked with, it handles as a regular interface in the system, therefore I can get all info needed via regular RFC1213 ...
My goal is very simple: get traffic TX/RX and VPN status up/down ....
I'll need to somehow create a script or something else to get this info ....
Maybe I can use the sonicSAStatDecryptByteCount and sonicSAStatEncryptByteCount OIDs as reference, but I understand this is the payload, without IPsec overheads .... Am I correct?
You aren't going to get the VPN status, you would have to infer that from whether it's present or not :/
I think you can get the firewall to send an SNMP trap on tunnel up/down events.
From the CLI you could try parsing the output of 'show vpn tunnels'. The format is not particularly machine-friendly. I tried 'cli format out json' as I assumed it would do the obvious [as Zabbix supports JSONPath queries]. But it didn't format the output as JSON, of course :D
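A sketch of the pre-processing handler suggested in the thread, added here as an example and not code from any poster or from SonicWall: it collapses the dynamically indexed SA rows onto a stable per-peer key and reports a missing peer as down. The sonicSAStatPeerGateway rows and the peer addresses are assumptions; they do not appear in the walk output posted above.

```python
import json
import re

# Constructed sample in the snmpwalk text format shown in the thread.
# Counter values are the ones posted above; the PeerGateway rows are assumed.
MIB = "SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSAStat"
SAMPLE_WALK = "\n".join([
    MIB + "PeerGateway.2217233172 = IpAddress: 198.51.100.7",
    MIB + "PeerGateway.3534238860 = IpAddress: 198.51.100.7",
    MIB + "CreateTime.2217233172 = STRING: 12/07/2022 08:43:40",
    MIB + "EncryptByteCount.2217233172 = Counter32: 1303627",
    MIB + "EncryptByteCount.3534238860 = Counter32: 0",
    MIB + "DecryptByteCount.2217233172 = Counter32: 1227600",
    MIB + "DecryptByteCount.3534238860 = Counter32: 0",
])

LINE_RE = re.compile(r"::sonicSAStat(\w+)\.(\d+) = (\w+): (.*)$")


def parse_walk(text):
    """Return {dynamic_index: {column: value}} from snmpwalk text output."""
    rows = {}
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # ignore anything that is not an SA statistics row
        col, idx, typ, val = m.groups()
        val = int(val) if typ.startswith("Counter") else val.strip()
        rows.setdefault(idx, {})[col] = val
    return rows


def tunnel_items(text, expected_peers):
    """Sum SA rows per configured peer; a peer with no row reports up=0."""
    items = {p: {"up": 0, "sa_count": 0, "tx_bytes": 0, "rx_bytes": 0}
             for p in expected_peers}
    for row in parse_walk(text).values():
        peer = row.get("PeerGateway")
        if peer not in items:
            continue  # SA for a peer we do not monitor
        item = items[peer]
        item["up"] = 1
        item["sa_count"] += 1
        item["tx_bytes"] += row.get("EncryptByteCount", 0)
        item["rx_bytes"] += row.get("DecryptByteCount", 0)
    return items


if __name__ == "__main__":
    # The second peer is constructed and absent from the walk, so it shows as down.
    print(json.dumps(tunnel_items(SAMPLE_WALK, ["198.51.100.7", "203.0.113.9"])))
```

The JSON output can be split into per-tunnel values with the JSONPath queries mentioned above. The byte totals drop whenever an SA is replaced, because the new row starts at 0, so the consumer should treat a decrease as a counter reset.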