Monitoring IPSEC SA Errors with OpManager
Hi,
I have an ASA5520 that terminates 5 IPSEC VPNs and every now and again there is a problem where one SA rekeys improperly and needs to be cleared manually. Usually we do not know about the bad SA needing to be cleared until users call complaining about no service. I don't see a specific monitor for the ASA which allows it to monitor tunnel health. I've installed the CISCO-IPSEC-FLOW-MONITOR-MIB.my which contains the drop statistics I want to monitor... How can I configure OpManager to monitor and alert me when drops start to appear on a specific SA?
Thanks
I have an ASA5520 that terminates 5 IPSEC VPNs and every now and again there is a problem where one SA rekeys improperly and needs to be cleared manually. Usually we do not know about the bad SA needing to be cleared until users call complaining about no service. I don't see a specific monitor for the ASA which allows it to monitor tunnel health. I've installed the CISCO-IPSEC-FLOW-MONITOR-MIB.my which contains the drop statistics I want to monitor... How can I configure OpManager to monitor and alert me when drops start to appear on a specific SA?
Thanks