Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Jirka1
Contributor II

IPsec site2site SNMP monitoring

Hello friends, we have a PRTG Network Monitor for monitoring our and customers network. One of customers have a Fortigate 100D unit and we want need monitoring IPsec Site2Site tunnels traffic using SNMP. Fortigate is configured and set up and we already monitored CPU, MEM, LAN&WAN iface, but we can´t find OID for IPsec VPN tunnels. Its possible? Thank you. Regards
3 REPLIES 3
emnoc
Esteemed Contributor III

What do you want to monitor? The number of VPN counts ? Traffic over a VPB etc? If you do route-based vpn aka interface-mode, than you can graph traffic in/out like any other interface. If you want to graph number of sslvpn/ipsec users, the mibs are in the fortinet-mib files. FORTINET-FORTIGATE-MIB FORTINET-CORE-MIB You will have todo some trial and error and testing. Start by snmpwalk at oid .1.3.6.1.4.1.12356.101.12.2.3.1 YMMV across fortios and models.

PCNSE 

NSE 

StrongSwan  

Jirka1
Contributor II

Hello, Unfortunately, if you run snmpwalk with your OID (.1.3.6.1.4.1.12356.101.12.2.3.1). give me this error:
Paessler SNMP Tester 5.0 (Beta11)
 10.7.2014 16:02:19 (1 ms) : Device: 195.144.97.26
 10.7.2014 16:02:19 (1 ms) : SNMP V1
 10.7.2014 16:02:19 (2 ms) : Walk 1.3.6.1.4.1.12356.101.12.2.3.1 
 10.7.2014 16:02:19 (3 ms) : Error: -2007
 
Of course, both MIB files Fortinet-FortiGate-MIB I imported as a template but there is not OID for the IPsec tunnels traffic. I only have a sensor on the number of currently registered IPsec tunnels, bud i need monitored traffic. And yes, i use only route-base VPN. Am I doing something wrong? Thanks
emnoc
Esteemed Contributor III

if it' s only traffic than find the interface Index; snmpwalk -c blahbahbah -v2c x.x.x. ifIndex snmpwalk -c blahbahbah -v2c x.x.x. alias And the OID I mention b4 works fine for me; SNMPv2-SMI::enterprises.12356.101.12.2.3.1.1.1 = INTEGER: 2 SNMPv2-SMI::enterprises.12356.101.12.2.3.1.2.1 = Counter32: 0 SNMPv2-SMI::enterprises.12356.101.12.2.3.1.3.1 = Counter32: 0 SNMPv2-SMI::enterprises.12356.101.12.2.3.1.4.1 = Counter32: 0 SNMPv2-SMI::enterprises.12356.101.12.2.3.1.5.1 = Counter32: 2 SNMPv2-SMI::enterprises.12356.101.12.2.3.1.6.1 = Counter32: 0 SNMPv2-SMI::enterprises.12356.101.12.2.3.1.7.1 = Counter32: 0 but like I mention B4 YMMV with oids being consistence thruout fortios. Please use a midtree viewer or depot for the MIB relations; e.g 1.3.6.1.4.1.12356.101.12.2 = fgVpnTables http://www.mibdepot.com/cgi-bin/getmib3.cgi?win=mib_a&r=fortinet&f=fortinet-fortigate-mib&v=v2&t=tree

PCNSE 

NSE 

StrongSwan