Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Monitoring ASA 5510 Tunnels


I'm trying to monitor Tunnels activity. We want to gather statistics like bandwidth utilization per Tunnel and in the case of Remote Access also the user name associated with a tunnel. All this via SNMP

I've browse through the Cisco-IPSec-Flow MIB and found the TunnelTable, this seems to provide everything I need in Regards to Tunnels, I just need a tip in how to calculate or obtain the bytes Tx and Rx. I can obtain packets and Octets amounts but not actual bytes. Is there another OID I should be inquiring?

In regard to Remote Access I found the CRASSessionTable From here I can obtain the Group associated with the tunnel and I should be able to obtain the User name through the OID, but I'm getting an UnSupported response when querying this particular OID.

Anyone knows what OID can provide the User name?

I know that Cisco Performance Monitor can in fact obtain all that info from the ASA so there must be an appropriate OID I can query to obtain this particular info.

Many Thanks


New Member

Re: Monitoring ASA 5510 Tunnels OID under CISCO-REMOTE-ACCESS-MONITOR-MIB provides information about the username associated with a remote access session:

For more information refer to the url below:

New Member

Re: Monitoring ASA 5510 Tunnels

You are correct, that is the OID that should contain the User name, but when I querie it I get and OID unsupported response.

Is there a problem with the IOS version? Or an I missing something else?

New Member

Monitoring ASA 5510 Tunnels


Advantage   of VPNTTG over other SNMP based monitoring software’s is  following:   Other (commonly used) software’s are working with static OID  numbers,   i.e. whenever tunnel disconnects and reconnects, it gets  assigned a  new  OID number. This means that the historical data, gathered  on the   connection, is lost each time. However, VPNTTG works with VPN  peer’s  IP  address and it stores for each VPN tunnel historical  monitoring  data  into the SQL server and into the RRD (Round Robin  Database) file.


CreatePlease to create content