2 years ago
VPN Tunnel Monitoring
We have several Cisco IPSec Aggregate Tunnels that we are monitoring on our ASA. The problem is, many of them have a 30 minute idle timeout. I don't really need (or want) an alert if a VPN tunnel...
@Stuart Weenig In our case (and likely in Kirby's case, as evidenced by his statement that he sends a ping along the tunnel), our tunnels are going idle, due to no traffic traversing them. There is a way to configure keepalives to keep the tunnels active, but that takes some configuration, and I'm not 100% it's always supported by the remote endpoints?
It's always possible there is an OID that I've simply never been able to find that reports this 'Down reason,' but I'm going to guess there's a decent chance that your circumstances (a backup device) might be different (though, still helpful!).