[mrtg] Re: Sonicwall

Barry Mather Barry.Mather at ddat.co.uk
Wed Apr 16 09:51:39 MEST 2003


Hi,

Yeah, I already looked through the archives, the vpn solution in there
only works if the tunnel does not get ripped down.  The index changes
everytime it is re-established.  This is not helpful as I am only at
this companys UK office for another 6 months and want to leave it in a
working with no tweeking needed state.

In regards to my sonicwalls I have 3 x pro 230's at regional HQs (uk,
usa, australia ) and 8 x soho 3's just around the UK (usa and australia
are being established and will have another 10 or so offices each)
With the base firmware, I ran my cfgmaker script (posted below) on each
sonicwall, then ran the mrtg config it produced.  I got exactly as you
said, nice graphs, but no data.  Then upgrade to latest firmware, and
ran the cfgmaker script again, then run the .cfg again (3 times) and it
works.
Well, this worked for me, did the same process on all of my firewalls,
and they all worked the same.

sonic.sh  -  cfgmaker script rather that typing it all in for every
sonic.

cfgmaker --global 'workdir: /var/www/html/sonicwall' --global
'options[_]: bits,growright' --global 'loadmibs:
/etc/mrtg/mibs/sonic_stats.mib,/etc/mrtg/mibs/sw-firewall-trap.mib,/etc/
mrtg/mibs/sw-smi.mib' --output /etc/mrtg/sonic.cfg public at 10.x.x.x

This then generates the following config file: sonic.cfg

workdir: /var/www/html/sonicwall
options[_]: bits,growright
loadmibs:
/etc/mrtg/mibs/sonic_stats.mib,/etc/mrtg/mibs/sw-firewall-trap.mib,/etc/
mrtg/mibs/sw-smi.mib

Target[10.x.x.x_1]: 1:public at 10.x.x.x:
SetEnv[10.x.x.x_1]: MRTG_INT_IP="212.x.x.x" MRTG_INT_DESCR="eth0"
MaxBytes[10.x.x.x_1]: 1250000
Title[10.x.x.x_1]: Traffic Analysis for 1 -- Pro 230 1
PageTop[10.x.x.x_1]: <H1>Pro 230 1</H1>
 <TABLE>
   <TR><TD>System:</TD>     <TD>Pro 230 1</TD></TR>
   <TR><TD>Maintainer:</TD> <TD>Barry Mather</TD></TR>
   <TR><TD>Description:</TD><TD>eth0  </TD></TR>
   <TR><TD>ifType:</TD>     <TD>ethernetCsmacd (6)</TD></TR>
   <TR><TD>ifName:</TD>     <TD></TD></TR>
   <TR><TD>Max Speed:</TD>  <TD>10.0 Mbits/s</TD></TR>
   <TR><TD>Ip:</TD>         <TD>212.x.x.x (hostname)</TD></TR>
 </TABLE>

Target[10.x.x.x_3]: 3:public at 10.x.x.x:
SetEnv[10.x.x.x_3]: MRTG_INT_IP="0.0.0.0" MRTG_INT_DESCR="eth1"
MaxBytes[10.x.x.x_3]: 12500000
Title[10.x.x.x_3]: Traffic Analysis for 3 -- Pro 230 1
PageTop[10.x.x.x_3]: <H1>Traffic Analysis for 3 -- Pro 230 1</H1>
 <TABLE>
   <TR><TD>System:</TD>     <TD>Pro 230 1</TD></TR>
   <TR><TD>Maintainer:</TD> <TD>Barry Mather</TD></TR>
   <TR><TD>Description:</TD><TD>eth1  </TD></TR>
   <TR><TD>ifType:</TD>     <TD>ethernetCsmacd (6)</TD></TR>
   <TR><TD>ifName:</TD>     <TD></TD></TR>
   <TR><TD>Max Speed:</TD>  <TD>100.0 Mbits/s</TD></TR>
   <TR><TD>Ip:</TD>         <TD>0.0.0.0 ()</TD></TR>
 </TABLE>


Target[10.x.x.x_4]: 4:public at 10.x.x.x:
SetEnv[10.x.x.x_4]: MRTG_INT_IP="10.x.x.x2" MRTG_INT_DESCR="eth2"
MaxBytes[10.x.x.x_4]: 12500000
Title[10.x.x.x_4]: Traffic Analysis for 4 -- Pro 230 1
PageTop[10.x.x.x_4]: <H1>Traffic Analysis for 4 -- Pro 230 1</H1>
 <TABLE>
   <TR><TD>System:</TD>     <TD>Pro 230 1</TD></TR>
   <TR><TD>Maintainer:</TD> <TD>Barry Mather</TD></TR>
   <TR><TD>Description:</TD><TD>eth2  </TD></TR>
   <TR><TD>ifType:</TD>     <TD>ethernetCsmacd (6)</TD></TR>
   <TR><TD>ifName:</TD>     <TD></TD></TR>
   <TR><TD>Max Speed:</TD>  <TD>100.0 Mbits/s</TD></TR>
   <TR><TD>Ip:</TD>         <TD>10.x.x.x ()</TD></TR>
 </TABLE>


-----Original Message-----
From: Andrew Davis [mailto:andrew at socallinuxsolutions.com] 
Sent: 15 April 2003 19:49
To: Barry Mather
Cc: mrtg at list.ee.ethz.ch
Subject: Re: [mrtg] Sonicwall


One answer... one question...

There was a post on this list about the VPN subject a month or so back. 
I'd suggest searching the archives for "sonicwall and vpn". Not sure if 
there was a resolution or not.

I'm curious what kind of Sonicwalls you have. There've been other 
discussions on this list and many of us were unable to get the LAN, WAN,

& DMZ stats from the Sonicwalls. I have the latest firmware on mine and 
have had no luck getting MRTG to graph it (I have graphs, but with no 
data). Any chance you could take a few minutes and give a quick how-to 
of how you got it working?

Thanks,
AD

Barry Mather wrote:
> Hi
>  
> first time post, long time reader of this list...
>  
> I have 9 sonicwalls that I am happily grabbing stats of the lan, wan, 
> and dmz ports and populating mrtg with.  I had a lot of hassle with 
> this, and eventuly found that I could only get decent graphing with 
> the latest firmware version, 6.4.2.0 i think ..
>  
> Anyway, the question is has anyone managed to get a reliable graph of 
> vpn usage ??
>  
> Even better would be the ability to be able to graph usage per 
> protocol ? is this something mrtg is capable of doing .... ??
>  
> thanks
>  
>  
> Barry Mather
> 
> Network Security Specialist
> 
> DDAT (UK) Ltd
> 
> barry.mather at ddat.co.uk
> 
>  
> 
>  
> 
> --
> Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
> Archive     http://www.ee.ethz.ch/~slist/mrtg
> FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
> WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi
> 
> 

-- 
Andrew Davis, Founder
SoCalLinuxSolutions
andrew at socallinuxsolutions.com
760-525-4689

SoCalLinuxSolutions.com
Linux Consultation & Integration Services



This e-mail message may contain confidential or privileged information and is intended solely for the individual to whom it is addressed. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. If you have received it in error please notify us immediately by telephoning 0870 737 0017 and destroy this e-mail and any attachments. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.

--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi



More information about the mrtg mailing list