Description
It monitors IpSec and IKE traffic for each tunnel. Few 64 bit OIDs are being used in this template to monitor IpSec tunnels. This template is applicable on Cisco ASA firewalls.
Prerequisites
SNMP should be enabled in end device and device should support CISCO-IPSEC-FLOW-MONITOR-MIB 64-bit OIDs and SNMP credentials should be attached against the device in portal.
How to Apply: This template is All instance selection based. It will not ask user to select any instance (s) while assigning it to a device.
Metric Parameters
| Parameter | Description |
|---|---|
| Frequency | Warning Threshold | If the metric value satisfies the condition defined along with Warning Threshold value, then a notification is sent to the user. |
| Critical Threshold | If the metric value satisfies the condition defined along with Critical Threshold value, then a notification is sent to the user. |
| Alert | The alert value can be set to either Yes or No. If it is Yes, then an alert message is sent to the user. |
Metrics
cisco.ike.in.octets.phase1
Metric Details
| Applicable for | Device |
| SNMP OID | 1.3.6.1.4.1.9.9.171.1.2.3.1.19 |
| Expression | cikeTunInOctets * 8 |
| Description | The total number of octets received by this IPsec Phase-1 IKE Tunnel. [OID: 1.3.6.1.4.1.9.9.171.1.2.3.1.19] |
| Category | SNMP monitors |
| Collector Type | Gateway |
| Monitor Name | Cisco IKE Tunnel Traffic 32 bit |
| Unit | bps |
Possible Inputs
| Metric | Input Value | Range of Values |
|---|---|---|
| Frequency | 5 | 1 – 1440 (mins) |
| Filter | NULL | NA |
| Warning Operator | ||
| Warning Threshold | ||
| Warning Repeat Count | ||
| Critical Operator | ||
| Critical Threshold | ||
| Critical Repeat Count | ||
| Alert | No | Yes/No |
| Graph (Yes/No) | Yes | Yes/No |
Note: As Alert is not enabled on the above metric, the fields are left blank.
Sample Output
No graph
cisco.ike.out.octets.phase1
Metric Details
| Applicable for | Device |
| SNMP OID | 1.3.6.1.4.1.9.9.171.1.2.3.1.27 |
| Expression | cikeTunOutOctets * 8 |
| Description | The total number of octets sent by this IPsec Phase-1 IKE Tunnel. [OID: 1.3.6.1.4.1.9.9.171.1.2.3.1.27] |
| Category | SNMP monitors |
| Collector Type | Gateway |
| Monitor Name | Cisco IKE Tunnel Traffic 32 bit |
| Unit | bps |
Possible Inputs
| Metric | Input Value | Range of Values |
|---|---|---|
| Frequency | 5 | 1 – 1440 (mins) |
| Filter | NULL | NA |
| Warning Operator | ||
| Warning Threshold | ||
| Warning Repeat Count | ||
| Critical Operator | ||
| Critical Threshold | ||
| Critical Repeat Count | ||
| Alert | No | Yes/No |
| Graph (Yes/No) | Yes | Yes/No |
Note: As Alert is not enabled on the above metric, the fields are left blank.
Sample Output
No graph
cisco.ipsec.in.octets.phase2
Metric Details
| Applicable for | Device |
| SNMP OID | 1.3.6.1.4.1.9.9.171.1.3.2.1.27 |
| Expression | cipSecTunHcInOctets * 8 |
| Description | A high capacity count of the total number of octets received by this IPsec Phase-2 Tunnel. [OID: 1.3.6.1.4.1.9.9.171.1.3.2.1.27] |
| Category | SNMP monitors |
| Collector Type | Gateway |
| Monitor Name | Cisco IpSec Tunnel Traffic 64 bit |
| Unit | bps |
Possible Inputs
| Metric | Input Value | Range of Values |
|---|---|---|
| Frequency | 5 | 1 – 1440 (mins) |
| Filter | NULL | NA |
| Warning Operator | ||
| Warning Threshold | ||
| Warning Repeat Count | ||
| Critical Operator | ||
| Critical Threshold | ||
| Critical Repeat Count | ||
| Alert | No | Yes/No |
| Graph (Yes/No) | Yes | Yes/No |
Note: As Alert is not enabled on the above metric, the fields are left blank.
Sample Output
No graph
cisco.ipsec.out.octets.phase2
Metric Details
| Applicable for | Device |
| SNMP OID | 1.3.6.1.4.1.9.9.171.1.3.2.1.40 |
| Expression | cipSecTunHcOutOctets * 8 |
| Description | A high capacity count of the total number of octets sent by this IPsec Phase-2 Tunnel. [OID: 1.3.6.1.4.1.9.9.171.1.3.2.1.40] |
| Category | SNMP monitors |
| Collector Type | Gateway |
| Monitor Name | Cisco IpSec Tunnel Traffic 64 bit |
| Unit | bps |
Possible Inputs
| Metric | Input Value | Range of Values |
|---|---|---|
| Frequency | 5 | 1 – 1440 (mins) |
| Filter | NULL | NA |
| Warning Operator | ||
| Warning Threshold | ||
| Warning Repeat Count | ||
| Critical Operator | ||
| Critical Threshold | ||
| Critical Repeat Count | ||
| Alert | No | Yes/No |
| Graph (Yes/No) | Yes | Yes/No |
Note: As Alert is not enabled on the above metric, the fields are left blank.
Sample Output
No graph