OpManager allows you to monitor the critical metrics in your network and helps in maintaining the integrity of the VPN connection. There are approximately 1000 firewall templates with built-in performance metrics shipped with OpManager. Apart from those templates, listed below are a list of VPN specific performance monitors that can be associated with the device. You can also create custom monitors as per your requirements. You can find these performance monitors under Settings -> Monitoring -> Performance Monitors.
| Vendor Name | Monitor Name | Protocol | OID | Description |
| Cisco | Tunnel In-Octet | SNMP | .1.3.6.1.4.1.9.9.171.1.2.3.1.19 | Monitors the VPN Tunnel In-Octet |
| Cisco | Tunnel Out-Octet | SNMP | .1.3.6.1.4.1.9.9.171.1.2.3.1.27 | Monitors the VPN Tunnel Out-Octet |
| Cisco | Tunnel In-Packets | SNMP | .1.3.6.1.4.1.9.9.171.1.2.3.1.20 | Monitors the VPN Tunnel In-Packets |
| Cisco | Tunnel Out-Packets | SNMP | .1.3.6.1.4.1.9.9.171.1.2.3.1.28 | Monitors the VPN Tunnel Out-Packets |
| Cisco | Tunnel In-Drop Packets | SNMP | .1.3.6.1.4.1.9.9.171.1.2.3.1.21 | Monitors the VPN Tunnel In-Drop Packets |
| Cisco | Tunnel Out-Drop Packets | SNMP | .1.3.6.1.4.1.9.9.171.1.2.3.1.29 | Monitors the VPN Tunnel Out-Drop Packets |
| Cisco | Total Clientless only WEB VPN sessions | SNMP | (.1.3.6.1.4.1.9.9.392.1.3.38.0-.1.3.6.1.4.1.9.9.392.1.3.35.0) | Total Clientless only WEB VPN Sessions |
| Cisco | Active Web VPN sessions | SNMP | .1.3.6.1.4.1.9.9.392.1.3.38.0 | The number of currently active Webvpn sessions. |
| Cisco | Peak concurrent Webvpn sessions | SNMP | .1.3.6.1.4.1.9.9.392.1.3.40.0 | The number of peak concurrent Webvpn sessions since system up. |
| Palo Alto Networks | GP Gateway Utilization | SNMP | .1.3.6.1.4.1.25461.2.1.2.5.1.1.0 | Monitors the active GlobalProtect tunnels on a gateway and measures tunnel utilization. Use this metric if you use this VM-Series firewall as a VPN gateway to secure remote users. |
| Palo Alto Networks | GP Active Tunnels | SNMP | .1.3.6.1.4.1.25461.2.1.2.5.1.3.0 | Monitors the number of active GlobalProtect sessions on a firewall deployed as a GlobalProtect gateway. Use this metric if you use this VM-Series firewall as a VPN gateway to secure remote users. Check the datasheet for the maximum number of active tunnels supported for your firewall model. |
| CheckPoint | Connected users | SNMP | .1.3.6.1.4.1.2620.1.9.5.0 | Number of users who are connected to AMON (Application monitor) via VPN tunnel |
| CheckPoint | VPN Decryption errors | SNMP | .1.3.6.1.4.1.2620.1.2.4.2.2 | Monitors the VPN Decryption errors |
| CheckPoint | VPN peer tunnel state | SNMP | .1.3.6.1.4.1.2620.500.9002.1.3 | To check the VPN Tunnels status (can also use 1.3.6.1.4.1.2620.500.9003.1.3). Append the instance (ipaddress) obtained from .1.3.6.1.4.1.2620.500.9002.1.1 to get values. Need to add in graphoidcolumninfo table. active(3), destroy(4), idle(129), phase1(130), down(131), init(132) |
| Fortigate | VPN SSL Tunnel Uptime | SNMP | .1.3.6.1.4.1.12356.101.12.2.4.1.6.1 | Monitors the Up time of SSL VPN tunnels (in secs) from the time of VPN reboot. |
| Fortigate | Active SSL VPN Users | SNMP | .1.3.6.1.4.1.12356.101.12.2.3.1.2.1 | The current number of users logged in through SSL-VPN tunnels in the virtual domain |
| Barracuda | VPN Tunnels count | SNMP | .1.3.6.1.4.1.10704.1.11 | Number of live client-to-site VPN tunnels |
| Barracuda | VPN Tunnel status | SNMP | .1.3.6.1.4.1.10704.1.6.1.2 | Monitors the VPN tunnel status |
| Topsec | VPN-Connections | SNMP | .1.3.6.1.4.1.14331.5.5.1.4.9.0 | VPN-Connections of TopSec Firewall |
| ZyXEL | VPN Bandwidth | SNMP | .1.3.6.1.4.1.890.1.6.22.2.1.0 | Monitors the VPN Bandwidth |
More about VPN monitoring in OpManager.
Thank you for your feedback!
