[mrtg] Re: PIX Firewall

John W. Bankson jbankson at pswlaw.com
Wed Dec 6 17:03:19 MET 2000


Sacha,

	Here is a 'clean' version of my PIX cfg file.  It is important to
note that there isn't an OID to monitor CPU utilization on the PIX.  I also
run MRTG on an NT Machine with no problems.  Hope this helps.

John Bankson

-----------------------------------begin cfg
file----------------------------------------

WorkDir: e:\inetpub\monitor\mrtg\pix
xSize[_]: 380
Options[_]: growright, bits

######################################################################
# Description: Cisco Secure PIX Firewall Version 5.0(2)
#     Contact: 
# System Name: pixfirewall
#    Location: PIX
#.....................................................................

#---------------------------------------------------------------

Target[MEM]:1.3.6.1.4.1.9.9.48.1.1.1.5.1&1.3.6.1.4.1.9.9.48.1.1.1.5.1:public
@ipaddress
RouterUpTime[MEM]: public at ipaddress
MaxBytes[MEM]: 67108864
Title[MEM]: Memory Used - PIX Firewall
PageTop[MEM]: <H1>Memory Used - PIX Firewall</H1>
 <TABLE>
   <TR><TD>System:</TD><TD>KC_Plaza Cisco 3640</TD></TR>
   <TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
   <TR><TD>Device:</TD><TD>PIX Firewall Memory Utilization</TD></TR>
   <TR><TD>Max Memory:</TD>
       <TD>64,000 kbits</TD></TR>
  </TABLE>
Unscaled[MEM]: ymwd
ShortLegend[MEM]: b
XSize[MEM]: 380
YSize[MEM]: 100
YLegend[MEM]: Memory Utilization
Legend1[MEM]: Memory Utilization
Legend2[MEM]: Memory Utilization 
Legend3[MEM]: 
Legend4[MEM]: 
LegendI[MEM]: 
Legendo[MEM]: &nbsp;Usage
Options[MEM]: gauge

#---------------------------------------------------------------

Target[ipaddress.1]: 1:public at ipaddress
MaxBytes[ipaddress.1]: 1250000
Options[ipaddress.1]: bits
Title[ipaddress.1]: pixfirewall (): PIX Firewall 'outside' interface
PageTop[ipaddress.1]: <H1>Traffic Analysis for PIX Firewall 'outside'
interface
 </H1>
 <TABLE>
   <TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
   <TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
   <TR><TD>Interface:</TD><TD>PIX Firewall 'Outside' Interface (1)</TD></TR>
   <TR><TD>IP:</TD><TD>(unassigned)</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
  </TABLE>

#---------------------------------------------------------------

Target[ipaddress.2]: 2:public at ipaddress
MaxBytes[ipaddress.2]: 12500000
Options[ipaddress.2]: bits
Title[ipaddress.2]: pixfirewall (): PIX Firewall 'inside' interface
PageTop[ipaddress.2]: <H1>Traffic Analysis for PIX Firewall 'inside'
interface
 </H1>
 <TABLE>
   <TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
   <TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
   <TR><TD>Interface:</TD><TD>PIX Firewall 'inside' interface (2)</TD></TR>
   <TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
  </TABLE>

#---------------------------------------------------------------

Target[ipaddress.3]: 3:public at ipaddress
MaxBytes[ipaddress.3]: 1250000
Options[ipaddress.3]: bits
Title[ipaddress.3]: pixfirewall (): PIX Firewall 'pix/intf2' interface
PageTop[ipaddress.3]: <H1>Traffic Analysis for PIX Firewall 'pix/intf2'
interface
 </H1>
 <TABLE>
   <TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
   <TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
   <TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf2' interface
(3)</TD></TR>
   <TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
  </TABLE>

#---------------------------------------------------------------

Target[ipaddress.4]: 4:public at ipaddress
MaxBytes[ipaddress.4]: 1250000
Options[ipaddress.4]: bits
Title[ipaddress.4]: pixfirewall (): PIX Firewall 'pix/intf3' interface
PageTop[ipaddress.4]: <H1>Traffic Analysis for PIX Firewall 'pix/intf3'
interface
 </H1>
 <TABLE>
   <TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
   <TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
   <TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf3' interface
(4)</TD></TR>
   <TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
  </TABLE>

#---------------------------------------------------------------

Target[ipaddress.5]: 5:public at ipaddress
MaxBytes[ipaddress.5]: 1250000
Options[ipaddress.5]: bits
Title[ipaddress.5]: pixfirewall (): PIX Firewall 'pix/intf4' interface
PageTop[ipaddress.5]: <H1>Traffic Analysis for PIX Firewall 'pix/intf4'
interface
 </H1>
 <TABLE>
   <TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
   <TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
   <TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf4' interface
(5)</TD></TR>
   <TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
  </TABLE>

#---------------------------------------------------------------

Target[ipaddress.6]: 6:public at ipaddress
MaxBytes[ipaddress.6]: 1250000
Options[ipaddress.6]: bits
Title[ipaddress.6]: pixfirewall (): PIX Firewall 'pix/intf5' interface
PageTop[ipaddress.6]: <H1>Traffic Analysis for PIX Firewall 'pix/intf5'
interface
 </H1>
 <TABLE>
   <TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
   <TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
   <TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf5' interface
(6)</TD></TR>
   <TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
   <TR><TD>Max Speed:</TD>
       <TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
  </TABLE>

#---------------------------------------------------------------


------------------------------------end cfg
file-----------------------------------------


-----Original Message-----
From: Schilling Sacha [mailto:Sacha.Schilling at jowa.ch]
Sent: Wednesday, December 06, 2000 6:31 AM
To: 'Mike Butler'; Schilling Sacha
Cc: mrtg at list.ee.ethz.ch
Subject: [mrtg] Re: PIX Firewall


Thanks for the answer. I checked this page but i have still problems to
understand it! Have you an idea how a config file for a Pix Firewall should
look like? We run MRTG on a NT Maschine!

-----Original Message-----
From: Mike Butler [mailto:mike at michaelbutler.net]
Sent: Tuesday, December 05, 2000 5:27 PM
To: Sacha.Schilling at jowa.ch
Cc: mrtg at list.ee.ethz.ch
Subject: Re: [mrtg] PIX Firewall


Have a look at this document. It walks you through what you need to do to 
get SNMP info out of a PIX to your monitoring station:

http://www.cisco.com/warp/public/110/pixsnmp.html

Cheers,

Mike

> We can find alot of information about Cisco Routers and theyr
> configuration. Unfortunatelly i could not find a config exaple to graph
> via mrtg the throughput of the firewall!
> 
> Any idea?
> 
> 
> --
> Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
> Archive     http://www.ee.ethz.ch/~slist/mrtg
> FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
> WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi


-- 
Mike Butler
mike at michaelbutler.net


--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi


    ----------------------------------------------------------------
    This  electronic mail  message contains CONFIDENTIAL information
    which is (a) ATTORNEY - CLIENT  PRIVILEGED  COMMUNICATION,  WORK
    PRODUCT,  PROPRIETARY IN  NATURE, OR  OTHERWISE PROTECTED BY LAW
    FROM  DISCLOSURE,  and  (b) intended  only for  the  use  of the
    Addressee(s)  named  herein. If you are not an Addressee, or the
    person  responsible for delivering this to an Addressee, you are
    hereby  notified  that  reading,  copying,  or distributing this
    message is prohibited. If you have received this electronic mail
    message  in error, please reply to the sender and take the steps
    necessary  to delete  the message  completely from your computer
    system. Thank you.



--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi



More information about the mrtg mailing list