09-01-2007 05:03 AM - edited 03-03-2019 06:34 PM
Hi Friends,
We are using GRE over IPSec tunnel on one of our routers. The router is polled every 5 min for its status using Cisco works 2000 server. Now, my question is if there is any way i can monitor the ipsec tunnel. Reason is because the Tu0 logical interface always remains up no matter the crypto session is down. I would like to get alerted when the crypto session goes down. Is there any way to accomplish this. Appreciate your assistance on this. Thanks!
Regards,
Manoj
09-01-2007 05:08 AM
Hi Manoj,
i am not so familiar with Cisco Works, but i believe it has SNMP daemon. So your solution is to enable snmp trap notification when the tunnel goes down (or crypto session is broken). If you have enabled snmp-server you need to append this command in your config:
(config)#snmp-server enable traps ipsec tunnel stop
This command will generate a snmp trap to your SNMP server every time when your tunnel protection is down .
Hope it helps!
BR,
Danail Petrov
09-01-2007 06:02 AM
Dear Danail,
Thanks for the info. I will try to implement this and will let you know if this works. Appreciate your time.
BR,
Manoj
09-01-2007 10:54 AM
Look up tunnel keepalives. If the tunnel destination is not reachable when using keepalives, the tunnel status will change to down.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: