Firewall Wizards mailing list archives
Re: Yeah - new syslog server
From: William <willay () gmail com>
Date: Fri, 16 Jun 2006 07:55:51 +0100
Hey Brian, Perhaps look into something like SmokePing? (http://oss.oetiker.ch/smokeping/) You could have one of your management boxes run SmokePing and set one of its 'targets' to be the inside interface of one of your client's firewalls. Then just add the correct ACL to let you icmp/ip whatever the inside interface over the VPN, SmokePing gives you packetloss and latency in pretty graphs (view across http). In theory it should show packet loss when your VPN tunnels disconnect for a reason such as their Internet connection going down. :) Cheers, Will On 15/06/06, Brian Loe <knobdy () gmail com> wrote:
So, my company is getting nailed for not meeting its SLA agreements for uptime. Because of this my manager has asked me for a way to monitor VPN uptimes (for one). Now, and if someone here knows something different PLEASE tell, all of our site-to-site VPN endpoints are either a Cisco router (older 2600s I believe) or a PIX (515s I think). I haven't found a way to monitor the tunnels on those devices because there isn't a "interface-like" OID. The system I use to monitor everything else can gather data from SNMP polls or scripts and a host of other things - but I haven't found anything for these tunnels on these devices. After explaining that to my boss I stated that I'm pretty sure I could monitor *downtime* with a syslog server. He said good, spec one and we'll get it ordered. We've placed an order for an IBM 510 with a usable 1.2TB RAID array. This SHOULD be plenty for doing this, and complying with any future requirements we might have (DITSCAP, for one) allowing 11 months of archived data, 1 month of live data (all raw) and the various "break-out" log files. I've got a few scripts from others on this list that I'll be using for everything - just wondering if anyone here has experience with the tunnel monitoring part? _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Yeah - new syslog server Brian Loe (Jun 15)
- Re: Yeah - new syslog server Kevin (Jun 15)
- Re: Yeah - new syslog server William (Jun 16)
- <Possible follow-ups>
- Re: Yeah - new syslog server Larry Pitcher (Jun 15)
- Re: Yeah - new syslog server Brian Loe (Jun 15)
- Re: Yeah - new syslog server Ken Fox (Jun 15)
- Re: Yeah - new syslog server Brian Loe (Jun 15)
- Re: Yeah - new syslog server Crissup, John (MBNAP it) (Jun 15)