SNMP VPN Monitoring for ASA

Unanswered Question
Dec 14th, 2009
User Badges:


Does anyone know the SNMP OIDS numbers to monitor the # of active l2l and remote access VPN connections on an ASA? The version I'm running is 7.2.4. We started migrating from the VPN concentrators, we had been using Cacti to monitor the # of active l2l and remote VPN connections but the SNMP parameters don't work for the ASA. I can't find anywhere on the IPSEC FLOW MIB that will pull this information. I'm able to see the total of VPN connections but unable to break them out.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
andrewswanson Thu, 12/17/2009 - 14:11
User Badges:
  • Silver, 250 points or more


we're using the cacti ASA template to monitor our ASA 5550s - originally with software rev 7.x but now on 8.3. the template plots active VPN tunnels (we use this to monitor site to site ipsec) and RAS (usinng this to monitor AnyConnect connections).



vpnttg001 Wed, 06/26/2013 - 03:25
User Badges:


Check   out VPNTTG (VPN Tunnel Traffic Grapher) is a software for SNMP   monitoring and measuring the traffic load for IPsec  (Site-to-Site,   Remote Access) and SSL (With Client, Clientless) VPN  tunnels on a  Cisco  ASA. It allows the user to see traffic load on a VPN  tunnel over  time  in graphical form.

Advantage of VPNTTG over other SNMP based monitoring software's is    following: Other (commonly used) software's are working with static  OID   numbers, i.e. whenever tunnel disconnects and reconnects, it  gets   assigned a new OID number. This means that the historical data,   gathered  on the connection, is lost each time. However, VPNTTG works   with VPN  peer's IP address and it stores for each VPN tunnel   historical  monitoring data into the Database.

For more information about VPNTTG please visit


This Discussion