Solved

SNMP OID for a Cisco ASA Firewall for Interfaces defined as "inside" and "outside"

Posted on 2010-09-10
Last Modified: 2012-05-10
Question: I am trying to extract SNMP stats for interfaces on a CISCO PIX. I have the OID for the interface description, but this does not contain any stats for traffic.

What is the OID for the physical interfaces showing traffic throughput - mainly for "inside" and "outside"?
I have been returned the answer below, but as it says, this is only a description. What is the OID for actual traffic in/out of the interfaces?
OID for "INSIDE"
1.3.6.1.2.1.2.2.1.2
Instance:  2
Label:  iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifDescr
Question by:ccfcfc

Expert Comment

by:bgoering
ID: 33650968

Expert Comment

by:bgoering
ID: 33650981
You should be able to monitor with MRTG - it will extract the OIDs for you and track bandwidth/throughput over time

Author Comment

by:ccfcfc
ID: 33660401
Yes, those OIDs returned are exactly as I said, a description; they don't contain any values I can use in a formula to calculate traffic on the 2 interfaces "outside" and "inside".

What is MRTG? I can walk the whole MIB with a MIB Walker, but I need to know the MIB values for both interfaces. Any monitoring application will need to know what MIB you want to report on, surely?



Expert Comment

by:bgoering
ID: 33662513
MRTG is a free application that monitors traffic throughput through interfaces. See http://oss.oetiker.ch/mrtg/

For the PIX/ASA this document (http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml) has a description of most of what can be monitored including links to the MIB information.

Note that SNMPv1 will return 32 bit counters - these will roll over fairly frequently in a high traffic environment so you may want to use SNMPv2 to get the 64-bit counters.

Good Luck

Author Comment

by:ccfcfc
ID: 33671547
MRTG - thanks for the link to this. Looks very interesting indeed. What are the restrictions, if any, for reporting on this? Any on reporting frequency, alerting?

I can walk an SNMP MIB and extract all information. What I am looking for is the OID that contains information concerning data volumes through interfaces. I was provided with an OID that is :-
iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifDescr
But as it says this is solely a description and does not contain any value I can use to graph

Accepted Solution

by:
bgoering earned 500 total points
ID: 33672850
There are no restrictions for MRTG - I would set it up, let it add the ASA device (there is a perl script called cfgmaker to do that) and see what it comes up with for sampling the throughput.

When it runs it creates some graphs and statistics for utilization over daily (5 minute averages), weekly (30 minute averages), Monthly (2 hour), and Yearly (1 day). See Screenshot

It saves the samples in text files that I suppose you could run any type of application to report from.

I have not tried to run it directly against a PIX or ASA - but I do run it extensively against routers and switches in order to determine throughput - so if for some reason it won't work against your firewall you could always run it against the switch port the firewall is plugged into. Should work fine except that the input/output numbers would be reversed.

As far as the various counters you might look at iso.org.dod.internet.mgmt.mib-2.interfaces.  

interfaces.ifTable.ifEntry.ifInOctets.#
interfaces.ifTable.ifEntry.ifInUcastPkts.#
interfaces.ifTable.ifEntry.ifInNUcastPkts.#
interfaces.ifTable.ifEntry.ifInDiscards.#
interfaces.ifTable.ifEntry.ifInErrors.#
interfaces.ifTable.ifEntry.ifOutOctets.#
interfaces.ifTable.ifEntry.ifOutUcastPkts.#
interfaces.ifTable.ifEntry.ifOutNUcastPkts.#
interfaces.ifTable.ifEntry.ifOutDiscards.#
interfaces.ifTable.ifEntry.ifOutErrors.#

Where '#' is the interface number


mrtg-sample.jpg

Expert Comment

by:bgoering
ID: 33672866
whoops - had an extra "interfaces." keyword above, I really should proofread
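
Added example (not part of the original thread): a sketch of turning the counters listed in the accepted solution into per-interface throughput, by resolving the ifIndex from ifDescr and differencing two ifInOctets/ifOutOctets samples with 32-bit rollover handled. The walk output below is constructed, and it assumes the ifDescr string carries the interface name in single quotes; columns 10 and 16 are the standard IF-MIB positions of ifInOctets and ifOutOctets under ifEntry.

```python
import re

IF_TABLE = "1.3.6.1.2.1.2.2.1"   # iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry
COLUMNS = {"ifDescr": 2, "ifInOctets": 10, "ifOutOctets": 16}

# Constructed samples in numeric snmpwalk output style, taken 300 s apart.
# The ifDescr wording is an assumption; only the quoted name is matched.
WALK_T0 = """\
.1.3.6.1.2.1.2.2.1.2.1 = STRING: "Adaptive Security Appliance 'outside' interface"
.1.3.6.1.2.1.2.2.1.2.2 = STRING: "Adaptive Security Appliance 'inside' interface"
.1.3.6.1.2.1.2.2.1.10.1 = Counter32: 4294900000
.1.3.6.1.2.1.2.2.1.10.2 = Counter32: 1000000
.1.3.6.1.2.1.2.2.1.16.1 = Counter32: 500000
.1.3.6.1.2.1.2.2.1.16.2 = Counter32: 2000000
"""
WALK_T1 = """\
.1.3.6.1.2.1.2.2.1.10.1 = Counter32: 82704
.1.3.6.1.2.1.2.2.1.10.2 = Counter32: 1750000
.1.3.6.1.2.1.2.2.1.16.1 = Counter32: 875000
.1.3.6.1.2.1.2.2.1.16.2 = Counter32: 2300000
"""
LINE = re.compile(r'^\.?' + re.escape(IF_TABLE) + r'\.(\d+)\.(\d+) = (\w+): "?(.*?)"?$')

def parse_walk(text):
    """Return {(column, ifIndex): value} for ifEntry rows in walk output."""
    table = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            col, idx, typ, val = int(m[1]), int(m[2]), m[3], m[4]
            table[(col, idx)] = val if typ == "STRING" else int(val)
    return table

def if_index(table, nameif):
    """Find the '#' (ifIndex) whose ifDescr contains the quoted interface name."""
    for (col, idx), val in table.items():
        if col == COLUMNS["ifDescr"] and f"'{nameif}'" in val:
            return idx
    raise KeyError(nameif)

def bits_per_second(old, new, seconds):
    """Rate between two Counter32 samples; modulo 2**32 absorbs a single wrap."""
    return ((new - old) % 2**32) * 8 / seconds

def throughput(t0, t1, nameif, seconds):
    """Inbound/outbound bits per second for one named interface."""
    a, b = parse_walk(t0), parse_walk(t1)
    idx = if_index(a, nameif)
    return {c: bits_per_second(a[(COLUMNS[c], idx)], b[(COLUMNS[c], idx)], seconds)
            for c in ("ifInOctets", "ifOutOctets")}
```

The modulo correction only holds if the counter wrapped at most once between polls, which is why the polling interval matters on busy links with 32-bit counters.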