Feedback
Did this article resolve your question/issue?

   

Article

VPN Monitoring

« Go Back

Information

 
TitleVPN Monitoring
URL NameVPN-Monitoring
Article Number000191184
Environment
Question/Problem Description
You can use WhatsUp Gold to monitor various aspects of VPN using the three monitor types.  The following are examples of Cisco and Checkpoint VPN monitoring:
 
Steps to Reproduce
Clarifying Information
Error Message
Defect Number
Enhancement Number
Cause
Resolution
Active Monitor

The most basic is checking the ifOperstatus value of a Tunnel interface as an Active Monitor. This is part of the Interface monitor and is discovered and added to your discovered devices automatically. 
User-added imageYou can monitor the status of a Checkpoint VPN tunnel on a Gateway using the following OID: .1.3.6.1.4.1.2620.500.9002.1.3.xxx.xxx.xxx.xxx.0 where xxx.xxx.xxx.xxx is the IP of the other gateway. Match the returned value against following table:

3 active
4 destroy
129 idle
130 phase1
131 down
132 init

User-added image


In the above example, the Gateway IP is 10.10.10.10.  Note the instance of 0.

Performance Monitor

You can create a performance monitoring to check concurrent users that are connected via Remote Access VPN Client.

Using the Cisco Remote Access Monitor mib you can define a Performance monitor to track the number of concurrent users and this will also allow you to set threshold alerts in the Alert Center Libraries.

The OID for the Performance Monitor is 1.3.6.1.4.1.9.9.392.1.3.3

There are a number of other OID’s to monitor as well either as an Active Monitor or Performance monitor:
       crasEmailNumSessions (Oid: 1.3.6.1.4.1.9.9.392.1.3.23 )
       crasEmailCumulateSessions (Oid: 1.3.6.1.4.1.9.9.392.1.3.24 )
       crasEmailPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 25 )
       crasIPSecNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 26 )
       crasIPSecCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 27 )
       crasIPSecPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 28)
       crasL2LNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 29 )
       crasL2LCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 30 )
       crasL2LPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1.3. 31 )
       crasLBNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 32 )
       crasLBCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 33 )
       crasLBPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.34 )
       crasSVCNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 35 )
       crasSVCCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 36 )
       crasSVCPeakConcurrentSessions(Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.37)
       crasWebvpnNumSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 38 )
       crasWebvpnCumulateSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3.39 )
       crasWebvpnPeakConcurrentSessions (Oid: 1.3. 6. 1. 4. 1. 9. 9. 392. 1. 3. 40 )

Passive Monitor

Another method is to use WhatsUp Gold’s passive monitor to listen for VPN traps:
Using the same Cisco Remote Access Monitor mib, you can define a number of helpful passive monitors (snmp traps) such as:
1.3.6.1.4.1.9.9.392.0.1 ciscoRasTooManySessions
1.3.6.1.4.1.9.9.392.0.2 ciscoRasTooManyFailedAuths
1.3.6.1.4.1.9.9.392.0.3 ciscoRasTooHighThroughput


 
Workaround
Notes
Last Modified Date11/12/2021 5:21 PM
Attachment 
Files
Disclaimer The origins of the information on this site may be internal or external to Progress Software Corporation (“Progress”). Progress Software Corporation makes all reasonable efforts to verify this information. However, the information provided is for your information only. Progress Software Corporation makes no explicit or implied claims to the validity of this information.

Any sample code provided on this site is not supported under any Progress support program or service. The sample code is provided on an "AS IS" basis. Progress makes no warranties, express or implied, and disclaims all implied warranties including, without limitation, the implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample code is borne by the user. In no event shall Progress, its employees, or anyone else involved in the creation, production, or delivery of the code be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample code, even if Progress has been advised of the possibility of such damages.