[mrtg] Re: PIX Firewall
Adams, Chris
cadams at hsn.com
Wed Jan 7 13:28:44 MET 2004
I would love to take a look at your script if you don't mind.
Thanks
Chris Adams
Systems Engineer II
HSN.com
(727) 872-5633
-----Original Message-----
From: Keith E Johnson [mailto:kj at sunclipse.com]
Sent: Tuesday, January 06, 2004 5:06 PM
To: 'mrtg at list.ee.ethz.ch'
Subject: [mrtg] Re: PIX Firewall
Your CPU Config is fine, but you need to move the maxbytes up to atleat
64MB depending on how much memory you have.
The current connections OID is 1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.6
I have a script that grabs all kinds of other stats if you want it...
CPU Conn - Current Conn - TCP Conn - UDP Fixup - FTP Fixup - HTTP Fixup
- TCP Xlate - Current Memory Authenticated users
Keith Johnson
LAN Administrator
Amcor Sunclipse North America
6600 Valley View Street, Buena Park, CA 90620
Voice: 714.562.6179 Fax: 714.562.2036
Email: keith.johnson at sunclipse.com
-----Original Message-----
From: Frank Ervin [mailto:FErvin at 3dsi.com]
Sent: Tuesday, January 06, 2004 1:31 PM
To: 'mrtg at list.ee.ethz.ch'
Subject: [mrtg] PIX Firewall
Hello all,
I am trying to access CPU, memory, and connections on a Cisco PIX 515 E
running IOS 6.3(2). I am able to get all interfaces by IP, so I am
assuming
(correctly??) that SNMP is enabled properly on the firewall. MRTG seems
to run properly, all of the OIDs I have tried return nothing but zeros,
although all the traffic data is accurate (I am also successfully using
getlog.pl to monitor servers)... I have 2 Questions: 1. Do OIDs vary
between devices of the same type (i.e. can OIDs vary from one PIX to
another)? 2. If not-- Has anyone got any OIDs that work with a PIX 515 E
running IOS 6.3(2)?
I am unable to run GetIf in order to do an SNMP walk becuase we've no
servers with SNMP installed at our production location, and would rather
not have to install it if at all possible because of security
concerns... Does anyone know of a SNMP walking utility that contains
it's own SNMP code like MRTG does?
Any other suggestions of things to look at would be greatly appreciated.
TIA!
Frank
Here is part of my cfg:
Target[PIX01-1]:
1.3.6.1.4.1.9.9.109.1.1.1.1.4.1&1.3.6.1.4.1.9.9.109.1.1.1.1.5.1:xxxstrin
g at xx
xip
Options[PIX01-1]: gauge,nopercent,growright,nobanner,integer
WithPeak[PIX01-1]: wmy
YLegend[PIX01-1]: Util(percent)
MaxBytes[PIX01-1]: 100
LegendI[PIX01-1]: CPU Usage (5 secs)
LegendO[PIX01-1]: CPU Usage (1 min)
Title[PIX01-1]: My PIX
Unscaled[PIX01-1]: dwmy
Legend1[PIX01-1]: CPU utilisation over 1 minute
Legend2[PIX01-1]: CPU utilisation over 5 minute
Legend3[PIX01-1]: Maximal CPU utilisation over 1 minute
Legend4[PIX01-1]: Maximal CPU utilisation over 5 minute
ShortLegend[PIX01-1]: %
PageTop[PIX01-1]: <table width="100%" border="0">
<tr>
<td><h2>Cisco CPU Utilisation Report</h2></td>
</tr>
<tr>
<td><h3>PIX CPU</h3></td>
</tr>
<tr>
<td><p>PIX :10.10.20.1</p></td>
</tr>
</table>
Target[PIX01-2]:
1.3.6.1.4.1.9.9.48.1.1.1.5.1&1.3.6.1.4.1.9.9.48.1.1.1.6.1:xxxstring at xxxi
p
MaxBytes[PIX01-2]: 1024
Title[PIX01-2]: PIX 515E MEM
PageTop[PIX01-2]: <H1>PIX01 MEM</H1>
Options[PIX01-2]: gauge, nopercent, unknaszero
YLegend[PIX01-2]: Bytes
ShortLegend[PIX01-2]: Bytes
Legend1[PIX01-2]: Free
Legend2[PIX01-2]: Used
Legend3[PIX01-2]: Max value per interval on graph
Legend4[PIX01-2]: .
LegendI[PIX01-2]: Free
LegendO[PIX01-2]: Used
Colours[PIX01-2]: GREEN#00eb0c,BLUE#0000ff,GRAY#AAAAAA,VIOLET#ff00ff
WithPeak[PIX01-2]: ymw
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the mrtg
mailing list