Monitor VPN Tunnel

What interface is your tunnel?

sh ip int bri

It terminates on the "Outside" interface.

Wouldn't it be easier to just monitor the device on the other end of the tunnel?

Because there are the possibility of multiple VPN tunnels, the three digits would indicate which one, this requires the GET TABLE functionallity which is not supported in 8.1 and from some other threads, wont be in 8.5 either, maybe 9.0?  I really would like GET TABLE to monitor my servers (Disks, Logicial partitions, Arrays, Temperature sensors, etc)

I monitor my VPNs (only one per ASA) by monitoring (at the far end) the inside interface on the ASA and the outside interface on the edge router so if the ASA goes down but the edge router stays up, I know its the VPN and if the edge router goes down then everything is down. 

JB 

Hello,

 I am also having problem with monitoring of VPN tunnels on our Cisco VPN concentrator, we have around 24 LAN-to-LAN IPSEC VPN tunnels and I want to monitor the bytes received and transmit for each tunnel, please tell me which OID will do this? I have Cisco VPN Concentrator 3020 series

Thanks,

Ali

We are using a Cisco ASA running version 8.0.x code and would like to gather stats on each of the ~100 tunnels we have active.  These tunnels terminate with vendors and other organizations so we would be unable to monitor the remote side other than up/down status.  It would be nice to be able to have Orion provide detailed reporting on each connection entry.  Anybody from Solarwinds have anything, yes or no, or coming soon?

 Get Table functionality is coming in the next major Orion release.

 Denny, thanks for the quick response and you have made my day.  I'm happy it's in the works.

jk 

 This is what I've been doing with my ASA VPN tunnels...  For each tunnel I setup, I determine an IP address on the remote side that the IT staff will allow me to ICMP poll, at a minimum.  Ideally, I get them to allow me public/RO access to some key resource on their end that should "always be up".  I then monitor that IP address and as a Node, give it Custom Properties that describe it as a site-to-site VPN, etc.