10-29-2014 02:26 AM
- I can plot data from physical interfaces (from the PA) in MRTG, such as for instance
data from Eth1/1 and Eth1/2. But MRTG's cfgmaker doesn't get any info about tunnel
interfaces. Could this be made possible, for instance by adapting some changes in the firewall.
If so, which one(s) ?
M.
10-29-2014 05:35 AM
Hello marce1000,
As far as I know, we can only monitor for physical interfaces in MRTG. Virtual interfaces like tunnel interfaces cannot be monitored with MRTG. There are 2 related queries in MRTG forum, but unfortunately not answered.
http://oss.oetiker.ch/mrtg/nabble-mrtg.en.html#nabble-td7579926 >>>> Monitoring IPSec VPN tunnels on Palo Alto 200 firewall device
http://oss.oetiker.ch/mrtg/nabble-mrtg.en.html#nabble-td807526 >>>>>> Ipsec
Thanks
10-29-2014 05:40 AM
it is not possible to monitor tunnels.
10-29-2014 05:56 AM
Hello marce1000,
Currently not able to monitor logical tunnel interfaces with snmp.
You can reach out to your Sales Engineer to request to vote on the following Feature Request.
FR ID: 1054 - SNMP MIB variable for IPSec VPN tunnel status
FR ID: 1095 - Allow SNMP monitoring of VPN tunnel bandwidth
06-18-2015 01:21 AM
Monitoring of tunnel traffic works now - but only after upgrading to PanOS 7.0
06-18-2015 03:41 AM
Thanks for the update on this FR for tunnel monitoring. This is a welcome feature.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
