Description
Monitors the Cisco Phase-1 IKE Site-to-Site VPN Tunnel Peers Status. It will expect 1 or more peer ips as input against each Site while assigning it on VPN device. This template will be supported by VG v2.7.0 or above [CISCO-IPSEC-FLOW-MONITOR-MIB.mib].
Prerequisites
SNMP should be enabled in end device and device should support CISCO-IPSEC-FLOW-MONITOR-MIB OIDs and SNMP credentials should be attached against the device in portal.
How to Apply: This template will ask user for 2 input parameters while assigning it to a device –
Remote Peer Identity
The value of the remote peer identity. If the remote peer type is an IP Address, then this is the IP Address used to identify the remote peer otherwise hostname.
Example 1: 66.100.189.125 or vpn01.domain.net
Example 2: 66.100.189.125, 66.100.189.54, 66.100.189.100 (to monitor more than 1 remote peer, user can give remote peer addresses with comma separation)
VPN Name
The friendly name for VPN.
Example 1: vpn-datacenter
Metric Parameters
| Parameter | Description |
|---|---|
| Frequency | Warning Threshold | If the metric value satisfies the condition defined along with Warning Threshold value, then a notification is sent to the user. |
| Critical Threshold | If the metric value satisfies the condition defined along with Critical Threshold value, then a notification is sent to the user. |
| Alert | The alert value can be set to either Yes or No. If it is Yes, then an alert message is sent to the user. |
Metrics
cisco.vpn.ike.tunnel.status
Metric Details
| Applicable for | Device |
| SNMP OID | 1.3.6.1.4.1.9.9.171.1.2.3.1.7 |
| Expression | NULL |
| Description | Monitors the Cisco Phase-1 (IKE) Site-to-Site VPN Tunnel Status. [OID: 1.3.6.1.4.1.9.9.171.1.2.3.1.7] |
| Category | SNMP monitors |
| Collector Type | Gateway |
| Monitor Name | Cisco Site-to-Site VPN Tunnel (IKE) Status - Multi Peers |
| Unit |
Possible Inputs
| Metric | Input Value | Range of Values |
|---|---|---|
| Frequency | 5 | 1 – 1440 (mins) |
| Filter | ||
| Warning Operator | ||
| Warning Threshold | ||
| Warning Repeat Count | ||
| Critical Operator | ||
| Critical Threshold | ||
| Critical Repeat Count | ||
| Alert | No | Yes/No |
| Graph (Yes/No) | Yes | Yes/No |
Note: As Alert is not enabled on the above metric, the fields are left blank.
Sample Output
No graph
cisco.vpn.tunnel.count
Metric Details
| Applicable for | Device |
| SNMP OID | 1.3.6.1.4.1.9.9.171.1.2.3.1.7 |
| Expression | NULL |
| Description | It represents the number of VPN tunnel peers are in up state. [OID: 1.3.6.1.4.1.9.9.171.1.2.3.1.7 - cikeTunRemoteValue] |
| Category | SNMP monitors |
| Collector Type | Gateway |
| Monitor Name | Cisco Site-to-Site VPN Tunnel (IKE) Status - Multi Peers |
| Unit |
Possible Inputs
| Metric | Input Value | Range of Values |
|---|---|---|
| Frequency | 5 | 1 – 1440 (mins) |
| Filter | ||
| Warning Operator | ||
| Warning Threshold | ||
| Warning Repeat Count | ||
| Critical Operator | LESS_THAN | Ends with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with |
| Critical Threshold | 1 | Depends on user input (remote peer IP count) |
| Critical Repeat Count | 1 | 1-12 |
| Alert | Yes | Yes/No |
| Graph (Yes/No) | Yes | Yes/No |
Sample Output
No graph