What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Cisco ASA 5506X bandwidth sensor

Votes:

0

Dear all,

We recently added 12 Cisco ASA 5506-X Firewalls in our PRTG network monitoring. When we execute an auto discovery we see several sensors, but we are experiencing problems with the bandwidth sensor.

The bandwidth sensor for the outside interface displays for example a value of 213.214 Mbit/s this value didn't match with the reality.

This problem is on all the CIsco ASA 5506X firewalls, does somebody have the same problem?

We have several other Cisco ASA's in the network monitoring without any problems. (Cisco ASA 5512-X, 5520-X)

Kind regards,

Lemar Biekman

5506-x asa5506 bandwidth snmp-traffic wrong

Created on Nov 26, 2015 1:40:23 PM

Last change on Nov 27, 2015 8:24:37 AM by Luciano Lingnau [Paessler]



1 Reply

Accepted Answer

Votes:

0

Hello Lemmar,
we appreciate your inquiry.

Since you already have a dedicated support ticket open, I ask that we use the ticket for communication regarding your case.

As for the reported issue, we've seen a few customers reporting the exact same behavior with the new Cisco ASA 5506-X model. The 64-bit counters which we query for high-speed (64-bit) traffic sensors were completely "off the charts". We recommend contacting Cisco's support as we can't explain the unusual counter results.
These are the standard 64-bit counters that we use:

1.3.6.1.2.1.31.1.1.1.6.index
1.3.6.1.2.1.31.1.1.1.10.index

One of our customers reported improved results by configuring the SNMP Compatibility Options of the device and setting the 32-bit/64-bit Counters option to Use 32-bit counters only.

The sensors need to be added anew after configuring this option, this way the interface scan will always use 32-bit traffic counters, even if 64-bit counters are available, kindly note that on higher speeds this may lead to overflows(spikes), but it can be used as a workaround to check if the 32-bit counters provide better results.

The 32-bit Sensor will query the following OID's instead:

1.3.6.1.2.1.2.2.1.10.index
1.3.6.1.2.1.2.2.1.16.index

The type of created SNMP sensor can be distinguished by it's name within the sensor overview. It will either be an SNMP Traffic 32bit Sensor or SNMP Traffic 64bit Sensor.

Note: We strongly recommend sticking with SNMP V2c or superior and 64-bit counters whenever possible, the 32-bit counters should only be used when no other option is available or for compatibility/troubleshooting.

Update 16/01/2017
Cisco has acknowledged this issue, as we've been informed:

Current bug Status on Cisco's website is:

Known Affected Releases
9.3(3)
9.5(0.102)
Known Fixed Releases
No release planned to fix this bug

Best Regards,
Luciano Lingnau [Paessler Support]

Created on Nov 27, 2015 7:54:25 AM by Luciano Lingnau [Paessler]

Last change on Jan 16, 2017 5:54:36 AM by Luciano Lingnau [Paessler]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.