Meraki

Community

SNMP monitoring of MX VPNs

Solved
JamesPickup
Here to help
‎Jan 19 2022 1:51 AM
‎Jan 19 2022 1:51 AM

SNMP monitoring of MX VPNs

Sorry if this has been covered, but I am struggling to work out if VPN connection status is available via SNMP.  Looking to get this setup in SolarWinds Orion NPM.

 

Many thanks in advance

0 Kudos
1 Accepted Solution
Crocker
A model citizen
‎Jan 20 2022 2:13 PM
‎Jan 20 2022 2:13 PM

Do you have to be able to see the VPN status within NPM, or are you just looking to alert if/when a VPN connection drops?

 

The easiest way to get alerts for VPN status (if that's all you're after) is to use the built-in alerts in the dashboard.

 

If that rubs you the wrong way (since there are no options for alert suppression, escalation, repetition, or really anything useful at all), you can configure the Meraki devices to forward Syslog to Solarwinds NPM. Within NPM, you can then set up Syslog Alerts that perform various actions based on the source/message/etc of the Syslogs that come in. VPN peer disconnects/connects both generate Syslogs, so this option may work purely for alerting needs.

 

Another option is to put together a small script that runs every so often and queries the 

/organizations/$orgid/appliance/vpn/statuses endpoint, then fires an e-mail if/when it finds something down. This will take a bit of scripting/REST knowledge to effectively implement.
 
As for your original question...Natively, that's not something Solarwinds is going to be able to poll for. You would need to dig through the Meraki dashboard MIB to work out what OID(s) to poll to get VPN status info. More info here regarding SNMP polling the Dashboard: SNMP Overview and Configuration - Cisco Meraki. Note - You have to toggle the one of the SNMP drop-downs on for it to expose the MIB download link. You don't actually have to save the change, though.

View solution in original post

4 Replies 4
AjitKumar
Head in the Cloud
‎Jan 19 2022 2:06 AM
‎Jan 19 2022 2:06 AM

Hi @JamesPickup 

https://community.meraki.com/t5/Mobile-Device-Management/monitor-VPN-using-SNMP/td-p/7797

 

Regards,
Ajit
AjitsNW@gmail.com
www.ajit.network
JamesPickup
Here to help
‎Jan 19 2022 2:30 AM
‎Jan 19 2022 2:30 AM

Thanks Ajit. That is over 4 years old, and still does not really answer the question, as its all theoretical.  I am no tech genius, so I could waste weeks trying to make this work.  Has anybody succeeded? 

0 Kudos
Crocker
A model citizen
‎Jan 20 2022 2:13 PM
‎Jan 20 2022 2:13 PM

Do you have to be able to see the VPN status within NPM, or are you just looking to alert if/when a VPN connection drops?

 

The easiest way to get alerts for VPN status (if that's all you're after) is to use the built-in alerts in the dashboard.

 

If that rubs you the wrong way (since there are no options for alert suppression, escalation, repetition, or really anything useful at all), you can configure the Meraki devices to forward Syslog to Solarwinds NPM. Within NPM, you can then set up Syslog Alerts that perform various actions based on the source/message/etc of the Syslogs that come in. VPN peer disconnects/connects both generate Syslogs, so this option may work purely for alerting needs.

 

Another option is to put together a small script that runs every so often and queries the 

/organizations/$orgid/appliance/vpn/statuses endpoint, then fires an e-mail if/when it finds something down. This will take a bit of scripting/REST knowledge to effectively implement.
 
As for your original question...Natively, that's not something Solarwinds is going to be able to poll for. You would need to dig through the Meraki dashboard MIB to work out what OID(s) to poll to get VPN status info. More info here regarding SNMP polling the Dashboard: SNMP Overview and Configuration - Cisco Meraki. Note - You have to toggle the one of the SNMP drop-downs on for it to expose the MIB download link. You don't actually have to save the change, though.
JamesPickup
Here to help
‎Jan 21 2022 12:30 AM
‎Jan 21 2022 12:30 AM

I am currently trialling using the Syslog option.  

 

It is very frustrating that the information is all easily available and on view in the dashboard, for both Meraki and 3rd party VPNs.  Yes you can configure it to send an email if a Meraki VPN goes down, but nothing for 3rd party VPNs, even crucial ones like Azure 😉   But when it come to monitoring the these vital stats with basic tooling used across the industry, the information is not attainable for the simple minded.

 

Meraki has made corporate networking SO MUCH easier to manage, in SO MANY ways.  Monitoring is not one of them.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.