[mrtg] FW: Re: PIX Firewall
John W. Bankson
jbankson at pswlaw.com
Wed Dec 6 17:04:31 MET 2000
Sacha,
Here is a 'clean' version of my PIX cfg file. It is important to
note that there isn't an OID to monitor CPU utilization on the PIX. I also
run MRTG on an NT Machine with no problems. Hope this helps.
John Bankson
-----------------------------------begin cfg
file----------------------------------------
WorkDir: e:\inetpub\monitor\mrtg\pix
xSize[_]: 380
Options[_]: growright, bits
######################################################################
# Description: Cisco Secure PIX Firewall Version 5.0(2)
# Contact:
# System Name: pixfirewall
# Location: PIX
#.....................................................................
#---------------------------------------------------------------
Target[MEM]:1.3.6.1.4.1.9.9.48.1.1.1.5.1&1.3.6.1.4.1.9.9.48.1.1.1.5.1:public
@ipaddress
RouterUpTime[MEM]: public at ipaddress
MaxBytes[MEM]: 67108864
Title[MEM]: Memory Used - PIX Firewall
PageTop[MEM]: <H1>Memory Used - PIX Firewall</H1>
<TABLE>
<TR><TD>System:</TD><TD>KC_Plaza Cisco 3640</TD></TR>
<TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
<TR><TD>Device:</TD><TD>PIX Firewall Memory Utilization</TD></TR>
<TR><TD>Max Memory:</TD>
<TD>64,000 kbits</TD></TR>
</TABLE>
Unscaled[MEM]: ymwd
ShortLegend[MEM]: b
XSize[MEM]: 380
YSize[MEM]: 100
YLegend[MEM]: Memory Utilization
Legend1[MEM]: Memory Utilization
Legend2[MEM]: Memory Utilization
Legend3[MEM]:
Legend4[MEM]:
LegendI[MEM]:
Legendo[MEM]: Usage
Options[MEM]: gauge
#---------------------------------------------------------------
Target[ipaddress.1]: 1:public at ipaddress
MaxBytes[ipaddress.1]: 1250000
Options[ipaddress.1]: bits
Title[ipaddress.1]: pixfirewall (): PIX Firewall 'outside' interface
PageTop[ipaddress.1]: <H1>Traffic Analysis for PIX Firewall 'outside'
interface
</H1>
<TABLE>
<TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
<TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
<TR><TD>Interface:</TD><TD>PIX Firewall 'Outside' Interface (1)</TD></TR>
<TR><TD>IP:</TD><TD>(unassigned)</TD></TR>
<TR><TD>Max Speed:</TD>
<TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
</TABLE>
#---------------------------------------------------------------
Target[ipaddress.2]: 2:public at ipaddress
MaxBytes[ipaddress.2]: 12500000
Options[ipaddress.2]: bits
Title[ipaddress.2]: pixfirewall (): PIX Firewall 'inside' interface
PageTop[ipaddress.2]: <H1>Traffic Analysis for PIX Firewall 'inside'
interface
</H1>
<TABLE>
<TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
<TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
<TR><TD>Interface:</TD><TD>PIX Firewall 'inside' interface (2)</TD></TR>
<TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
<TR><TD>Max Speed:</TD>
<TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
</TABLE>
#---------------------------------------------------------------
Target[ipaddress.3]: 3:public at ipaddress
MaxBytes[ipaddress.3]: 1250000
Options[ipaddress.3]: bits
Title[ipaddress.3]: pixfirewall (): PIX Firewall 'pix/intf2' interface
PageTop[ipaddress.3]: <H1>Traffic Analysis for PIX Firewall 'pix/intf2'
interface
</H1>
<TABLE>
<TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
<TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
<TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf2' interface
(3)</TD></TR>
<TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
<TR><TD>Max Speed:</TD>
<TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
</TABLE>
#---------------------------------------------------------------
Target[ipaddress.4]: 4:public at ipaddress
MaxBytes[ipaddress.4]: 1250000
Options[ipaddress.4]: bits
Title[ipaddress.4]: pixfirewall (): PIX Firewall 'pix/intf3' interface
PageTop[ipaddress.4]: <H1>Traffic Analysis for PIX Firewall 'pix/intf3'
interface
</H1>
<TABLE>
<TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
<TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
<TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf3' interface
(4)</TD></TR>
<TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
<TR><TD>Max Speed:</TD>
<TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
</TABLE>
#---------------------------------------------------------------
Target[ipaddress.5]: 5:public at ipaddress
MaxBytes[ipaddress.5]: 1250000
Options[ipaddress.5]: bits
Title[ipaddress.5]: pixfirewall (): PIX Firewall 'pix/intf4' interface
PageTop[ipaddress.5]: <H1>Traffic Analysis for PIX Firewall 'pix/intf4'
interface
</H1>
<TABLE>
<TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
<TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
<TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf4' interface
(5)</TD></TR>
<TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
<TR><TD>Max Speed:</TD>
<TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
</TABLE>
#---------------------------------------------------------------
Target[ipaddress.6]: 6:public at ipaddress
MaxBytes[ipaddress.6]: 1250000
Options[ipaddress.6]: bits
Title[ipaddress.6]: pixfirewall (): PIX Firewall 'pix/intf5' interface
PageTop[ipaddress.6]: <H1>Traffic Analysis for PIX Firewall 'pix/intf5'
interface
</H1>
<TABLE>
<TR><TD>System:</TD><TD>Pix Firewall</TD></TR>
<TR><TD>Maintainer:</TD><TD><A HREF="mailto:jbankson at pswlaw.com">John W.
Bankson</TD></TR>
<TR><TD>Interface:</TD><TD>PIX Firewall 'pix/intf5' interface
(6)</TD></TR>
<TR><TD>IP:</TD><TD>(Unassigned)</TD></TR>
<TR><TD>Max Speed:</TD>
<TD>10 Mbits/s (Ethernet CSMA/CD)</TD></TR>
</TABLE>
#---------------------------------------------------------------
------------------------------------end cfg
file-----------------------------------------
-----Original Message-----
From: Schilling Sacha [mailto:Sacha.Schilling at jowa.ch]
Sent: Wednesday, December 06, 2000 6:31 AM
To: 'Mike Butler'; Schilling Sacha
Cc: mrtg at list.ee.ethz.ch
Subject: [mrtg] Re: PIX Firewall
Thanks for the answer. I checked this page but i have still problems to
understand it! Have you an idea how a config file for a Pix Firewall should
look like? We run MRTG on a NT Maschine!
-----Original Message-----
From: Mike Butler [mailto:mike at michaelbutler.net]
Sent: Tuesday, December 05, 2000 5:27 PM
To: Sacha.Schilling at jowa.ch
Cc: mrtg at list.ee.ethz.ch
Subject: Re: [mrtg] PIX Firewall
Have a look at this document. It walks you through what you need to do to
get SNMP info out of a PIX to your monitoring station:
http://www.cisco.com/warp/public/110/pixsnmp.html
Cheers,
Mike
> We can find alot of information about Cisco Routers and theyr
> configuration. Unfortunatelly i could not find a config exaple to graph
> via mrtg the throughput of the firewall!
>
> Any idea?
>
>
> --
> Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
> Archive http://www.ee.ethz.ch/~slist/mrtg
> FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
> WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
--
Mike Butler
mike at michaelbutler.net
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
----------------------------------------------------------------
This electronic mail message contains CONFIDENTIAL information
which is (a) ATTORNEY - CLIENT PRIVILEGED COMMUNICATION, WORK
PRODUCT, PROPRIETARY IN NATURE, OR OTHERWISE PROTECTED BY LAW
FROM DISCLOSURE, and (b) intended only for the use of the
Addressee(s) named herein. If you are not an Addressee, or the
person responsible for delivering this to an Addressee, you are
hereby notified that reading, copying, or distributing this
message is prohibited. If you have received this electronic mail
message in error, please reply to the sender and take the steps
necessary to delete the message completely from your computer
system. Thank you.
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the mrtg
mailing list