Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

HA Status monitoring

Just wondering if it's possible to get the HA Status via SNMP for monitoring purposes? I've gone through the MIB files and can't find anything for HA Status.

We're using PRTG for monitoring and have a pair of nSA 4650's in HA. We are able to get SNMP information from each firewall using their individual management IP addresses but it would be really useful if we could identify which one was currently Active and which one was in Standby and show that on our PRTG display map. I realise we could just login to the firewall and take a look but if we could just glance at the display and see which is which without having to login it would be very useful as the two firewalls are in totally separate locations on site. Of course if there were any issues a number of other sensors would be alerting but it would be a nice to have.

Category: Firewall Management and Analytics
Reply

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    If it's not in the MIB than not likely. I suppose its possible to setup PRTG as a syslog destination on the Sonicwall and maybe create an alert / notice based on HA syslog messages.

    I've done PRTG as the syslog destination, but never the HA monitoring. Seems logically possible.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    Hi @Jason_W ,

    Try to configure the PRTG SNMP SONICWALL SYSTEM HEALTH SENSOR,

    It will give you the sonicwall health as same as below;

    1. Connection Cache Used
    2. CPU Usage
    3. Downtime
    4. Memory Usage
  • MitatOngeMitatOnge All-Knowing Sage ✭✭✭✭

    Hi Jason,

    you can find the high availability sensors in the "SONICWALL-FIREWALL-TRAP-MIB.MIB" file at Sonicwall download center.

    MIB File Section is below.

     ========== High Availability ====================================

        trapTypeEnhHaActivePrimary                  ( 6201), -- Primary firewall has transitioned to Active

        trapTypeEnhHaActiveBackup                  ( 6202), -- Secondary firewall has transitioned to Active

        trapTypeEnhHaIdlePrimary                   ( 6203), -- Primary firewall has transitioned to Idle

        trapTypeEnhHaIdleBackup                   ( 6204), -- Secondary firewall has transitioned to Idle

        trapTypeEnhHaMissedHeartbeatPrimary             ( 6205), -- Primary missed heartbeats from Secondary

        trapTypeEnhHaMissedHeartbeatBackup              ( 6206), -- Secondary missed heartbeats from Primary

        trapTypeEnhHaErrorReceivedPrimary              ( 6207), -- Primary received error signal from Secondary

        trapTypeEnhHaErrorReceivedBackup               ( 6208), -- Secondary received error signal from Primary

        trapTypeEnhHaBackupPreempt                  ( 6209), -- Secondary firewall being preempted by Primary

        trapTypeEnhHaPrimaryPreempt                 ( 6210), -- Primary firewall preempting Secondary

        trapTypeEnhActiveBackupBackdown               ( 6211), -- Active Secondary detects Active Primary: Secondary going Idle

        trapTypeEnhHaPrefsImportError                ( 6212), -- Imported HA hardware ID did not match this firewall

        trapTypeEnhHaDiscoveredBackup                ( 6213), -- Discovered HA Secondary Firewall

        trapTypeEnhHaSyncedHaPeer                  ( 6214), -- HA Peer Firewall Synchronized (%s)

        trapTypeEnhHaSyncingError                  ( 6215), -- Error synchronizing HA peer firewall (%s)

        trapTypeEnhHaWrongSrcPrimary                 ( 6216), -- Primary received heartbeat from wrong source

        trapTypeEnhHaWrongSrcBackup                 ( 6217), -- Secondary received heartbeat from wrong source

        trapTypeEnhHaPktError                    ( 6218), -- HA packet processing error

        trapTypeEnhHaContentNotMatch                 ( 6219), -- Heartbeat received from incompatible source

        trapTypeEnhBackupActivePreempt                ( 6220), -- Secondary going Active in preempt mode after reboot

        trapTypeEnhHaSetError                    ( 6221), -- "Error setting the IP address of the Secondary, please manually set to Secondary LAN IP"

        trapTypeEnhHaSyncError                    ( 6222), -- Error updating HA peer configuration

        trapTypeEnhPrimaryLinkDownBackoff              ( 6223), -- "Primary WAN link down, Primary going Idle"

        trapTypeEnhBackupLinkDown                  ( 6224), -- "Backup WAN link down, Primary going Active"

        trapTypeEnhPrimaryLinkDown                  ( 6225), -- "Primary WAN link down, Backup going Active"

        trapTypeEnhPrimaryLinkBackUp                 ( 6226), -- "Primary WAN link up, preempting Backup"

        trapTypeEnhHaRebootedHaPeer                 ( 6227), -- HA Peer Firewall Rebooted

        trapTypeEnhHaRebootingError                 ( 6228), -- Error Rebooting HA Peer Firewall

        trapTypeEnhHaLicenseError                  ( 6229), -- License of HA pair doesn't match

        trapTypeEnhHaRebootReceivedPrimary              ( 6230), -- Primary received reboot signal from Secondary

        trapTypeEnhHaRebootReceivedBackup              ( 6231), -- Secondary received reboot signal from Primary

        trapTypeEnhHaSyncingPref                   ( 6232), -- Synchronizing preferences to HA Peer Firewall

        trapTypeEnhHaLogicLinkUp                   ( 6233), -- Success to reach Interface %s probe

        trapTypeEnhHaLogicLinkDown                  ( 6234), -- Failure to reach Interface %s probe

        trapTypeEnhHaBackupWillShutdown               ( 6235), -- Secondary will be shut down in %s minutes

        trapTypeEnhHaBackupShutdown                 ( 6236), -- Secondary shut down because license is expired

        trapTypeEnhHaBackupActive                  ( 6237), -- Secondary active

        trapTypeEnhHaError                      ( 6238), -- %s

        trapTypeEnhHaWarn                      ( 6239), -- %s

        trapTypeEnhHaInfo                      ( 6240), -- %s

        trapTypeEnhHaAlert                      ( 6241), -- %s

        trapTypeEnhHaNotice                     ( 6242), -- %s

        trapTypeEnhHaDebug                      ( 6243), -- %s



    Mitat Önge

    Mysis Biligi Teknolojileri / TURKEY

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    Good call looking at the MIB Mitat, I shouldn't assume the OP did the proper research.

  • Jason_WJason_W Newbie ✭

    I did try looking through the MIB file but it wasn't obvious where to find the parts I was looking for. I've decided that this is a nice to have but not a necessity as the standard PRTG Sonicwall SNMP Sensors give me all the data I need and I can tell at a glance which Firewall is the primary just from the traffic stats.

  • ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    We poll the serial OID [snwlSysSerialNumber] of the virtual IP of the HA pair and if the serial has changed [because each unit has it's own serial] then raise a trigger for further investigation.

Sign In or Register to comment.