Help on SONICWALL VPN tunnel monitoring

Hello,

I’m a bit lost in my task to set up VPN tunnel monitoring of SONICWALLs and need some help to move into the right direction.

Basically I just want to monitor the VPN tunnel count and an alert rule should notify in case this number changes significantly.
Creating a graph would be nice, but is not necessary.

In order to query the information needed we have two options:

By SNMP:
Unfortunately the SONICWALLs don’t provide this count in an OID via SNMP. Instead there’s a table which contains all the indices of the tunnels.

$ snmpwalk <AUTHDATA> "vpn-gw" .1.3.6.1.4.1.8741.1.3.2.1.1.1.1 | wc -l
930

would just count the number of indices and do that task.

By login:
The other option is to log into the device and run a command there:

admin@vpn-gw> show vpn tunnels summary
Total IKE SAs: 646
Total IPsec SAs: 934

Unfortunetaly SONICWALLs don’t support public key authentication, so using the plugin “check_by_ssh” might become a bit difficult.

I could write my own plugin which would just count the indices…
But how would I pass the SNMP-authentication data to it?
I could not find any documentation on how to setup a service that requires SNMP-parameters…
such as “authlevel, authPriv, authname, etc…”

My prefered way however was the interactive query (because it’s more accurate).
We are using oxidized and oxidized actually knows the login credentials of these devices…

Here are my questions:

  1. What would you suggest to accomplish that task?
  2. For the login-method: Is there a way to query these authentication data from oxidized so I can use them in my plugin?
  3. For the SNMP-method: Is there a way to query the SNMP-authentication data from libre? In other words, are there any variables (bside the host-ip) available to the nagios plugins?

Any help is appreciated.

Thank you!

Best regards,

  • awaum