We have a core Sonicwall NSA 3400 with many VPN tunnels connected to it. I am interested in monitoring that device and looking at the individual bandwidth of each of the tunnels. Does anyone know if this is possible to do via SNMP or perhaps Netflow? I'm inexperienced with now netflow works, but I think it might be possible that way. Any help would be appreciated.
It's possible to monitor this via SNMP and soon we will be adding a sensor into PRTG with this capability but currently it's in the test phase. If you can't wait for the sensor, I can look to see what OIDs are used for these sensors and let you know.
Great, thanks for the info! If you wouldn't mind, could you let me know the OID's that are used for this? We might want to add in a few before the sensor is updated.
Here are all of the OIDs that we are using for the Sonicwall Sensor:
sonicSAStatTable 22.214.171.124.4.1.87126.96.36.199.1.1 sonicSAStatEntry sonicSAStatEntry 188.8.131.52.4.1.87184.108.40.206.1.1.1 sonicIpsecSaIndex sonicIpsecSaIndex 220.127.116.11.4.1.8718.104.22.168.22.214.171.124 sonicSAStatDecryptPktCount sonicSAStatDecryptPktCount 126.96.36.199.4.1.87188.8.131.52.184.108.40.206 sonicSAStatDecryptByteCount sonicSAStatDecryptByteCount 220.127.116.11.4.1.8718.104.22.168.22.214.171.124 sonicSAStatInFragPktCount sonicSAStatInFragPktCount 126.96.36.199.4.1.87188.8.131.52.184.108.40.206 sonicSAStatOutFragPktCount sonicSAStatOutFragPktCount 220.127.116.11.4.1.8718.104.22.168.22.214.171.124 sonicSAStatUserName sonicSAStatUserName 126.96.36.199.4.1.87188.8.131.52.184.108.40.206 sonicSAStatPeerGateway sonicSAStatPeerGateway 220.127.116.11.4.1.8718.104.22.168.22.214.171.124 sonicSAStatSrcAddrBegin sonicSAStatSrcAddrBegin 126.96.36.199.4.1.87188.8.131.52.184.108.40.206 sonicSAStatSrcAddrEnd sonicSAStatSrcAddrEnd 220.127.116.11.4.1.8718.104.22.168.22.214.171.124 sonicSAStatDstAddrBegin sonicSAStatDstAddrBegin 126.96.36.199.4.1.87188.8.131.52.184.108.40.206 sonicSAStatDstAddrEnd sonicSAStatDstAddrEnd 220.127.116.11.4.1.8718.104.22.168.22.214.171.124 sonicSAStatCreateTime sonicSAStatCreateTime 126.96.36.199.4.1.87188.8.131.52.184.108.40.206 sonicSAStatEncryptPktCount sonicSAStatEncryptPktCount 220.127.116.11.4.1.8718.104.22.168.22.214.171.124 sonicSAStatEncryptByteCount sonicSAStatEncryptByteCount 126.96.36.199.4.1.87188.8.131.52.184.108.40.206
I assume that there are sub ID's that drill down these stats to a particular tunnel as well?
Yes, the best thing to do would be to use the SNMP tester to walk the OIDs to see the full OIDs for your device.
Great, thanks for the help!