So, my company is getting nailed for not meeting its SLA agreements
for uptime. Because of this my manager has asked me for a way to
monitor VPN uptimes (for one). Now, and if someone here knows
something different PLEASE tell, all of our site-to-site VPN endpoints
are either a Cisco router (older 2600s I believe) or a PIX (515s I
think). I haven't found a way to monitor the tunnels on those devices
because there isn't a "interface-like" OID. The system I use to
monitor everything else can gather data from SNMP polls or scripts and
a host of other things - but I haven't found anything for these
tunnels on these devices.

After explaining that to my boss I stated that I'm pretty sure I could
monitor *downtime* with a syslog server. He said good, spec one and
we'll get it ordered. We've placed an order for an IBM 510 with a
usable 1.2TB RAID array. This SHOULD be plenty for doing this, and
complying with any future requirements we might have (DITSCAP, for
one) allowing 11 months of archived data, 1 month of live data (all
raw) and the various "break-out" log files.

I've got a few scripts from others on this list that I'll be using for
everything - just wondering if anyone here has experience with the
tunnel monitoring part?
firewall-wizards mailing list