cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Cisco ASA 9.6 VPN Pollers

I'm running Cisco ASA Version 9.6(1)10.  Here's the VPN Pollers tweaked a little, along with some notes I compiled while trying to find these, and research them a bit and get them to work.  Hope this helps.

The "main" OID for VPN stats is:  1.3.6.1.4.1.9.9.392

Very helpful MIB website:

http://www.circitor.fr/Mibs/Html/CISCO-REMOTE-ACCESS-MONITOR-MIB.php

====================

I found this, in the mib walk:

.1.3.6.1.2.1.47.1.2.1.1.3.2 = OID: 1.3.6.1.4.1.9.9.171

.1.3.6.1.2.1.47.1.2.1.1.3.3 = OID: 1.3.6.1.4.1.9.9.392

.1.3.6.1.2.1.47.1.2.1.1.3.4 = OID: 1.3.6.1.4.1.9.9.147

Object Information

Specific Object Information

Object entLogicalType

OID 1.3.6.1.2.1.47.1.2.1.1.3

Type AutonomousType

Permission read-only

Status current

MIB ENTITY-MIB ;   -   View Supporting Images  this link will generate a new window

Description "An indication of the type of logical entity. This will

typically be the OBJECT IDENTIFIER name of the node in the

SMI's naming hierarchy which represents the major MIB

module, or the majority of the MIB modules, supported by the

logical entity. For example:

a logical entity of a regular host/router -> mib-2

a logical entity of a 802.1d bridge -> dot1dBridge

a logical entity of a 802.3 repeater -> snmpDot3RptrMgmt

If an appropriate node in the SMI's naming hierarchy cannot

be identified, the value 'mib-2' should be used."

http://snmp.cloudapps.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInpu...

**************************************************************************************

!#REM: TOTAL ACTIVE VPN SESSIONS

SnmpWalk -Os -c xxxxxxxxxxxxxxx -v2c 10.x.y.z  iso.3.6.1.4.1.9.9.392.1.3.3

iso.3.6.1.4.1.9.9.392.1.3.3.0 = Gauge32: 36

Object Information

  Specific Object Information

Object crasNumUsers

OID 1.3.6.1.4.1.9.9.392.1.3.3

Type Gauge32

Permission read-only

Status current

Units Users

MIB CISCO-REMOTE-ACCESS-MONITOR-MIB ;   -   View Supporting Images

Description "The number of users who have active sessions.

http://snmp.cloudapps.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInpu...

****************************************************************************************

!#REM: TOTAL ACTIVE SITE TO SITE VPN TUNNELS

SnmpWalk -Os -c xxxxxxxxxxxxxxx -v2c 10.x.y.z  iso.3.6.1.4.1.9.9.392.1.3.29.0

iso.3.6.1.4.1.9.9.392.1.3.29.0 = Gauge32: 3

Object Information

  Specific Object Information

Object crasL2LNumSessions

OID 1.3.6.1.4.1.9.9.392.1.3.29

Type Gauge32

Permission read-only

Status current

Units Sessions

MIB CISCO-REMOTE-ACCESS-MONITOR-MIB ;   -   View Supporting Images

Description The number of currently active LAN to LAN sessions.

http://snmp.cloudapps.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInpu...

****************************************************************************************

!#REM: TOTAL ACTIVE WEBVPN TUNNELS

C:\>SnmpWalk -Os -c xxxxxxxxxxxxxxx -v2c 10.x.y.z  iso.3.6.1.4.1.9.9.392.1.3.38

iso.3.6.1.4.1.9.9.392.1.3.38.0 = Gauge32: 5

Object Information

  Specific Object Information

Object crasWebvpnNumSessions

OID 1.3.6.1.4.1.9.9.392.1.3.38

Type Gauge32

Permission read-only

Status current

Units Sessions

MIB CISCO-REMOTE-ACCESS-MONITOR-MIB ;   -   View Supporting Images

Description The number of currently active Webvpn sessions.

****************************************************************************************

!#REM: TOTAL ACTIVE IPSEC VPN SESSIONS

SnmpWalk -Os -c -c xxxxxxxxxxxxxxx -v2c 10.x.y.z  iso.3.6.1.4.1.9.9.392.1.3.26

iso.3.6.1.4.1.9.9.392.1.3.26.0 = Gauge32: 0

Object Information

  Specific Object Information

Object crasIPSecNumSessions

OID 1.3.6.1.4.1.9.9.392.1.3.26

Type Gauge32

Permission read-only

Status current

Units Sessions

MIB CISCO-REMOTE-ACCESS-MONITOR-MIB ;   -   View Supporting Images

Description The number of currently active IPSec sessions.

http://snmp.cloudapps.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInpu...

***************************************************************************************

!#REM: TOTAL ACTIVE ANYCONNECT CLIENT VPN SESSIONS

C:\>SnmpWalk -Os -c -c xxxxxxxxxxxxxxx -v2c 10.x.y.z  iso.3.6.1.4.1.9.9.392.1.3.35

iso.3.6.1.4.1.9.9.392.1.3.35.0 = Gauge32: 29

Object Information

Specific Object Information

Object crasSVCNumSessions

OID 1.3.6.1.4.1.9.9.392.1.3.35

Type Gauge32

Permission read-only

Status current

Units Sessions

MIB CISCO-REMOTE-ACCESS-MONITOR-MIB ;   -   View Supporting Images

Description The number of currently active SVC sessions.

http://snmp.cloudapps.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInpu...

=======================OLD MIB==============================================

***********************************************************************************

snmpwalk for #of site to site tunnels:

SnmpWalk -Os -c xxxxxxxxxxxxxxx -v2c 10.x.y.z  iso.3.6.1.4.1.9.9.171.1.2.1.1.0

iso.3.6.1.4.1.9.9.171.1.2.1.1.0 = Gauge32: 3

Object Information

Specific Object Information

Object cikeGlobalActiveTunnels

OID 1.3.6.1.4.1.9.9.171.1.2.1.1

Type Gauge32

Permission read-only

Status current

MIB CISCO-IPSEC-FLOW-MONITOR-MIB ;   -   View Supporting Images  this link will generate a new window

Description "The number of currently active IPsec

Phase-1 IKE Tunnels."

Labels (2)
Attachments
Comments

I did a great job - I'm awesome.

I used "SNMPwalk" command line tool, to test and view values.  Of course, reading SNMP from a firewall - you might have to adjust your ACL's/firewall rules to permit it, from your management computer.

Test if SNMP devices are responding correctly to SNMP queries – P9 | Support

This looks great, but I can't figure out how to use it.  I imported the poller, and assigned it to my ASAs, but how do I view the info? If I try to add a new section to one of the summary pages, I can't find the settings this is querying.

Sorry, I'm new.

Thanks

aobrien5


Follow these steps:

1. From Manage Nodes, click your ASA.

2. On the left, (where it says Summary, Vital Stats, Network), click Network. You should see Universal Device Poller Custom Chart at the bottom right (by default). You'll want to click "Configure this resource". If you don't see it, you'll have to click the Add Tab button which will bring up edit mode so you can customize your Solarwinds layout. Just add Universal Device Poller Custom Chart to whatever column you would like for it to appear.

3. Once you've made it to configuring the UnDP Custom Chart, you can choose Left Y-Axis or Right, and click the drop down menu and select the values from the list.

I have attached a screenshot. Hope this helps.

SW ASA VPN Poller.png

Very helpful, thank you!

I am not able to import this poller when manage pollers.  When I click on the Thwack Community Pollers tab, search for Cisco ASA, select Cisco SAS 9.6 VPN Pollers and then select Import device poller, I receive the following message.

Failed to import device poller! Reason:

This does not appear to be a valid Device Studio poller. Please use another poller.

Anyone else having this issue?

I do - using NPM 12.1..

Version history
Revision #:
1 of 1
Last update:
‎10-07-2016 01:22 PM
Updated by: