Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
We have an SRX5800 that is running junos 12.1X46-D35.1.
we have implemented VPN tunnels and we want to monitor it (number of active tunnels, number of down tunnels, ) using MIBs.
I want to know if there is an OID that monitors the number of ipsec tunnels and the subinterfaces of st0.
Check out the Junos MIB Exporer search.
I think the OID for active tunnels you want is:
Number of active VPNs.
I don't see a count for down tunnels but there is a trap for the tunnel going down
A jnxVpnIfDown notification is generated when the interface with index jnxVpnIfIndex belonging to the VPN named jnxVpnIfVpnName of type jnxVpnIfVpnType transitions to the 'down' state.
I don't see what you are looking for on the interface for VPN. But you might be able to use the jnxVpnIfEntry tree to monitor what you are looking for.
We still need the mentionned OIDs.
Please is there anyone who faced this issue ans succeeded to find out the solution.
I am looking forward to reading your notes, please.
I've setup some active VPN tunnels and run the snmp mib tests on the Junos command line. I get the same results you mention, no results, and I can see the active SA on the box at the time. So these don't work even on an SRX running 12.3
The MIB OID you are looking into is for MPLS VPNs not IPSEC.
Looks like this is the correct tree section on the MIB and there are a number of phase 1 and phase 2 specific options to consider for monitoring down from here.