05-24-2013 07:45 AM
Do the tunnel interfaces that get created as part of building a Site-to-Site IPSec tunnel show up via SNMP interface polling? That would be awesome if we could monitor tunnel bandwidth by walking the device and monitoring the ifInOctets and ifOutOctets for the tunnel interfaces themselves.
05-24-2013 10:29 AM
To answer myself it looks like an snmpwalk of 'ifName' doesn't show that tunnel interfaces are exposed... I tested on a PA5020 with PANOS4.1 and a PA4020 with PANOS 5
$ snmpwalk -v2c -c my_super_secret_snmp_v2_password pa4020 ifName
IF-MIB::ifName.1 = STRING: mgmt
IF-MIB::ifName.2 = STRING: ha1
IF-MIB::ifName.3 = STRING: ethernet1/1
IF-MIB::ifName.4 = STRING: ethernet1/2
IF-MIB::ifName.5 = STRING: ethernet1/3
IF-MIB::ifName.6 = STRING: ethernet1/4
IF-MIB::ifName.7 = STRING: ethernet1/5
IF-MIB::ifName.8 = STRING: ethernet1/6
IF-MIB::ifName.9 = STRING: ethernet1/7
IF-MIB::ifName.10 = STRING: ethernet1/8
IF-MIB::ifName.11 = STRING: ethernet1/9
IF-MIB::ifName.12 = STRING: ethernet1/10
IF-MIB::ifName.13 = STRING: ethernet1/11
IF-MIB::ifName.14 = STRING: ethernet1/12
IF-MIB::ifName.15 = STRING: ethernet1/13
IF-MIB::ifName.16 = STRING: ethernet1/14
IF-MIB::ifName.17 = STRING: ethernet1/15
IF-MIB::ifName.18 = STRING: ethernet1/16
IF-MIB::ifName.19 = STRING: ethernet1/17
IF-MIB::ifName.20 = STRING: ethernet1/18
IF-MIB::ifName.21 = STRING: ethernet1/19
IF-MIB::ifName.22 = STRING: ethernet1/20
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
