Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Monitor by SNMP


A customer of us wants to monitor interfaces, subinterfaces and L2L IPSEC VPNs using SNMP CACTI tool.

I have no problem with interfaces. But I cannot figure out how to see subinterfaces and L2L VPNs.

Any idea?


Category: Firewall Management and Analytics

Best Answer


  • BWCBWC Cybersecurity Overlord ✭✭✭
    edited May 2020


    I'am not sure, but I guess L2L stands for lan-to-lan, also known as Site-to-Site? AFAIK you can't monitor VPN connections via SNMP, a feature I really myself as a ZABBIX fan. There are some entities, but IMHO not usable for dynamic monitoring.

    UPDATE: if you know all of your VPN tunnels (no dynamic discovery) you could check sonicSAStatUserName for their existence. This entry is only available via SNMP if the connection is active. Not perfect but better than nothing.


  • Hi!

    I know PRTG does this. It identifies VPNs lan-to-lan from Sonicwall.

    But I need it to work with CACTI.

  • BWCBWC Cybersecurity Overlord ✭✭✭
    edited May 2020


    Cacti is IMHO a bit limited for that, but sonicwallFwVpnIPSecStats is all what you've got VPN-wise. Check with SONICWALL-FIREWALL-IP-STATISTICS-MIB, sonicSAStatEncryptByteCount can be used for bandwith calculation.

    The subinterfaces (VLAN?) are in the interfaces section, like all the other Ethernet interfaces. Dunno anything about the SNMP view of other interface types.


  • EdcudillaEdcudilla Newbie ✭

    Hi to all! I also have a problem like this. I want to get the no of users display it on Zabbix. Why they didn't include it to their snmp MIB its only very basic yet important counter in this time of pandemic.

    After all my research I bump up with this site:, IT gives the vpn information connected to the firewall, the problem is how to integrate it to zabbix. Seeing the APIs theres also reporting for ipsec and vpn leased by dhcp.


  • BWCBWC Cybersecurity Overlord ✭✭✭
    edited October 2020

    Hi @Edcudilla

    as a fellow ZABBIX user I feel you. SNMP support is lacking a bunch of features, but getting the information via API or SSH is probably the only way to go.

    I'am following every MIBs release and hope for the best, but no much changes there, all focus on API I guess.

    Integration into ZABBIX should be straight forward with a trapper host or active check from an agent calling the script. I'am lacking behind all my efforts, because I would like to have information back to my ZABBIX as well, but time is a rare good.


Sign In or Register to comment.