Performance monitors that help in VPN Monitoring in OpManager

OpManager allows you to monitor the critical metrics in your network and helps in maintaining the integrity of the VPN connection. There are approximately 1000 firewall templates with built-in performance metrics shipped with OpManager. Apart from those templates, listed below are a list of VPN specific performance monitors that can be associated with the device. You can also create custom monitors as per your requirements. You can find these performance monitors under Settings -> Monitoring -> Performance Monitors.

Vendor Name Monitor Name Protocol OID Description
Cisco Tunnel In-Octet SNMP .1.3.6.1.4.1.9.9.171.1.2.3.1.19 Monitors the VPN Tunnel In-Octet
Cisco Tunnel Out-Octet SNMP .1.3.6.1.4.1.9.9.171.1.2.3.1.27 Monitors the VPN Tunnel Out-Octet
Cisco Tunnel In-Packets SNMP .1.3.6.1.4.1.9.9.171.1.2.3.1.20 Monitors the VPN Tunnel In-Packets
Cisco Tunnel Out-Packets SNMP .1.3.6.1.4.1.9.9.171.1.2.3.1.28 Monitors the VPN Tunnel Out-Packets
Cisco Tunnel In-Drop Packets SNMP .1.3.6.1.4.1.9.9.171.1.2.3.1.21 Monitors the VPN Tunnel In-Drop Packets
Cisco Tunnel Out-Drop Packets SNMP .1.3.6.1.4.1.9.9.171.1.2.3.1.29 Monitors the VPN Tunnel Out-Drop Packets
Ciscos Total Clientless only WEB VPN sessions SNMP (.1.3.6.1.4.1.9.9.392.1.3.38.0-.1.3.6.1.4.1.9.9.392.1.3.35.0) Total Clientless only WEB VPN Sessions
Cisco Active Web VPN sessions SNMP .1.3.6.1.4.1.9.9.392.1.3.38.0 The number of currently active Webvpn sessions.
Cisco Peak concurrent Webvpn sessions SNMP .1.3.6.1.4.1.9.9.392.1.3.40.0 The number of peak concurrent Webvpn sessions since system up.
Palo Alto Networks GP Gateway Utilization SNMP .1.3.6.1.4.1.25461.2.1.2.5.1.1.0 Monitors the active GlobalProtect tunnels on a gateway and measures tunnel utilization. Use this metric if you use this VM-Series firewall as a VPN gateway to secure remote users.
Palo Alto Networks GP Active Tunnels SNMP .1.3.6.1.4.1.25461.2.1.2.5.1.3.0 Monitors the number of active GlobalProtect sessions on a firewall deployed as a GlobalProtect gateway. Use this metric if you use this VM-Series firewall as a VPN gateway to secure remote users. Check the datasheet for the maximum number of active tunnels supported for your firewall model.
CheckPoint Connected users SNMP .1.3.6.1.4.1.2620.1.9.5.0 Number of users who are connected to AMON (Application monitor) via VPN tunnel
CheckPoint VPN Decryption errors SNMP .1.3.6.1.4.1.2620.1.2.4.2.2 Monitors the VPN Decryption errors
CheckPoint VPN peer tunnel state SNMP .1.3.6.1.4.1.2620.500.9002.1.3 To check the VPN Tunnels status (can also use 1.3.6.1.4.1.2620.500.9003.1.3). Append the instance (ipaddress) obtained from .1.3.6.1.4.1.2620.500.9002.1.1 to get values. Need to add in graphoidcolumninfo table. active(3), destroy(4), idle(129), phase1(130), down(131), init(132)
Fortigate VPN SSL Tunnel Uptime SNMP .1.3.6.1.4.1.12356.101.12.2.4.1.6.1 Monitors the Up time of SSL VPN tunnels (in secs) from the time of VPN reboot.
Fortigate Active SSL VPN Users SNMP .1.3.6.1.4.1.12356.101.12.2.3.1.2.1 The current number of users logged in through SSL-VPN tunnels in the virtual domain
Barracuda VPN Tunnels count SNMP .1.3.6.1.4.1.10704.1.11 Number of live client-to-site VPN tunnels
Barracuda VPN Tunnel status SNMP .1.3.6.1.4.1.10704.1.6.1.2 Monitors the VPN tunnel status
Topsec VPN-Connections SNMP .1.3.6.1.4.1.14331.5.5.1.4.9.0 VPN-Connections of TopSec Firewall
ZyXEL VPN Bandwidth SNMP .1.3.6.1.4.1.890.1.6.22.2.1.0 Monitors the VPN Bandwidth

More about VPN monitoring in OpManager.