Create a Post
Showing results for 
Search instead for 
Did you mean: 

Monitoring VPN tunnels through SNMP Mibs

I am  trying to monitor VPN Site-to-site tunnel via SNMP mibs.  In this regard, I have few questions and I could not conclusively get information from the documents.  

  1. The tunnelTable (.  has the VPN tunnel entries .  I currently have access and the snmpwalks from only one side the VPN Gateway.  Will the Gateway at both end of Tunnel report the same tunnel , reporting each other as VPN Peer ?
  2. The MIB oid tunnelInterface (. doesn't have any value in snmpwalk file I got. I assume this  is interface name of the interface on which this VPN tunnel is operating. Do I expect to see valid value for this MIB always or Are there reason why I may not see any value for this mib oid ?
  3. Related to the above question, I have the same doubt related to tunnelSourceIpaddress. Do I expect to see valid value for this MIB oid as well always  for a vpn tunnel ?
  4. Are the MIB Oids tunnelInterface and tunnelSourceIPAddress are interface and IP address of the VPN gateway reporting the VPN tunnel in the tunnel Table MIB ?
  5. What does the MIB Oid tunnelPeerObjName (. give ? Is it VPN Gateway's host name ? or any configured  name for vpn ?
  6. There are two MIB  tables that give vpn tunnel information : tunnelTable (. and permanentTunnelTable(. It appears the tunnelTable has both regular and Permanent VPN tunnel information , So that I can get all vpn tunnels of a gateway from just tunnelTable entries alone. Is that correct?


Thanks in advance for any help in getting answers or pointing to any doc/material that can provide answers.

0 Kudos
6 Replies

1. My understanding is yes.
2-4, I believe they may only be relevant if you are using route-based VPNs, but aren't sure and recommend consulting with the TAC:
5. Believe it's the object name as defined in SmartConsole.
6. The documentation says to monitor tunnelTable:

0 Kudos

Thanks a lot for your response.  

0 Kudos

I've been fighting with snmp for tunnel monitoring for a few months now...and I can tell you that the data in . cannot be trusted. The snmp data shows tunnel status as "down", this is obviously contradicted by my logs, which shows encrypted/decrypted traffic going through this tunnel.  It is also contradicted by the output of 'vpn tu tlist' which shows tunnels as established. I assume the tunnel status shown in SmartView Monitor is based on snmp - this is inaccurate as well. This is a problem as I'm trying to configure alerts for tunnel up/down status, and I don't have an accurate way to get this information.

Frustrating to say the least - it's the year 2024, we should not have to be dealing with bugs in snmp.



My experience is sadly the same...



0 Kudos

Dear ones,

I'm in the same situation, I'm trying to monitor the vpn tunnels via zabbix, but without much results, did you get anything?

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events