Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Best tool to monitor VPN IPSEC Tunneling
Special Forums IP Networking Best tool to monitor VPN IPSEC Tunneling Post 302930476 by val riverwalk on Sunday 4th of January 2015 06:25:09 PM
Old 01-04-2015
Anything in the logs? Run a continuous ping from site A to site B. Does it drop periodically and then restart? Usually when an IPSEC tunnel drops, you'll see the handshake details if you have logging or debugging enabled. If the problem goes AWAY while running a continuous ping, then it may just be timing out for inactivity. As far as monitoring goes, consider Nagios to monitor the connection for drops. As an aside - I like a windows app called "ServersAlive" for simple monitoring of services/links/uptime... not terribly expensive, and great red light/green light online status that the helpdesk staff appreciates.
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

IPSec - VPN using shared key

Hello! I have some trouble trying to configure a VPN with two gateways. One of them uses IPSec with a single key, 256bits length, specified in /etc/ipsec.secrets. As FreeSwan manual page says, if i put esp=3des-md5-96, will be used a "64bit IV key (internally generated), a 192bit 3des ekey and a... (3 Replies)
Discussion started by: eNTer
3 Replies

2. UNIX for Dummies Questions & Answers

Tool to monitor user activity

Hello, Does any one knows any tools or method to monitor users all activities on Solaris 8, including command and its result. Similar to 'script' ??? Thanks nana (3 Replies)
Discussion started by: nana
3 Replies

3. UNIX for Advanced & Expert Users

Tunneling

Hello, I am within a LAN system and I need to be able to tunnel out (and recv UDP) packets. Currently the router automatically drops UDP packets. My PC cant see the outside world, nor ping, but it can connect via SSH to a server on the "edge" of the network which can see everything. I... (2 Replies)
Discussion started by: ErNci
2 Replies

4. Solaris

ssh tunneling

Hi, I have tried the following: on PC1 (win xp) I have created ssh connection with port forwarding (local 8888 to remote 8888) to server1. >From server1 I have created another ssh connection with port forwarding to server2(local 8888 to remote 1521). When I try to connect to oracle... (3 Replies)
Discussion started by: goran00
3 Replies

5. UNIX for Advanced & Expert Users

tool to monitor throughput

Was wonder if there was a tool or program I could run to measure throughput on our CentoS 4.x server. Our current dedicated host provider is charging us by how much throughput we are using and I just want to see if their numbers add up to whatever I get using a throughput tool of some kind. ... (6 Replies)
Discussion started by: mcraul
6 Replies

6. AIX

Tool to monitor the performance of the system ..

Dear experts , Pls advice for any good Tool to monitor the CPU and performance of AIX the system .. to keep monitoring to show me the utilization of that system .. (12 Replies)
Discussion started by: Mr.AIX
12 Replies

7. IP Networking

IPSec VPN Routing

Hello, I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue. ... (0 Replies)
Discussion started by: salukibob
0 Replies

8. IP Networking

VPN IPSec Openswan

Hi all, I have installed Openswan and configured IPSec and works perfect, but for some unknown reasons it stop working. I see that the tunnels are up and established. The route to the destination are added. Everything by the book seems to be ok. But somehow when i start to ping the other side (... (4 Replies)
Discussion started by: ivancd
4 Replies

9. IP Networking

IPSec Openswan Site to Site VPN - Big Pain

Hi @all, I try to connect 2 LANs with IPSec/Openswan LAN 1: 192.168.0.0/24 LAN 2: 192.168.1.0/24 This is my Config: conn HomeVPN # # Left security gateway, subnet behind it, nexthop toward right. left=192.168.1.29 ... (1 Reply)
Discussion started by: bahnhasser83
1 Replies

LEARN ABOUT DEBIAN

sa-check_spamd

SA-CHECK_SPAMD.RAW(1)					User Contributed Perl Documentation				     SA-CHECK_SPAMD.RAW(1)

NAME

       sa-check_spamd - spamd monitoring script for use with Nagios, etc.

SYNOPSIS

       sa-check_spamd [options]

       Options:

	-c secs, --critical=secs	  Critical ping response threshold
	-h, -?, --help			  Print usage message
	-H hostname, --hostname=hostname  Hostname of spamd service to ping
	-p port, --port=port		  Port of spamd service to ping
	--socketpath=path		  Connect to given UNIX domain socket
	-t secs, --timeout=secs 	  Max time to wait for a ping response
	-v, --verbose			  Verbose debug output
	-V, --version			  Output version info
	-w secs, --warning=secs 	  Warning ping response threshold

DESCRIPTION

       The purpose of this program is to provide a tool to monitor the status of "spamd" server processes.  spamd is the daemonized version of the
       spamassassin executable, both provided in the SpamAssassin distribution.

       This program is designed for use, as a plugin, with the Nagios service monitoring software available from http://nagios.org.  It might be
       compatible with other service monitoring packages.  It is also useful as a command line utility or as a component of a custom shell script.

OPTIONS

       Options of the long form can be shortened as long as the remain unambiguous (i.e. --host can be used instead of --hostname).

       -c secs, --critical=secs
	   Critical ping response threshold in seconds.  If a spamd ping response takes longer than the value specified (in seconds) the program
	   will exit with a value of 2 to indicate the critical status.

	   This value must be at least as long as the value specified for warning and less than the value specified for timeout.

       -h, -?, --help
	   Prints this usage message and exits.

       -H hostname, --hostname=hostname
	   The hostname, or IP address, of the spamd service to ping.  By default the hostname localhost is used.  If --socketpath is set this
	   value will be ignored.

       -p port, --port=port
	   The port of the spamd service to ping.  By default port 783 (the spamd default port number) is used.  If --socketpath is set this value
	   will be ignored.

       --socketpath=path
	   Connect to given UNIX domain socket.  Use instead of a hostname and TCP port.  When set, any hostname and TCP port specified will be
	   ignored.

       -t secs, --timeout=secs
	   The maximum time to wait for a ping response.  Once exceeded the program will exit with a value of 2 to indicate the critical status.
	   The default timeout value is 45 seconds.  The timeout must be no less than 1 second.

	   This value must be greater than the values specified for both the critical and warning values.

       -v, --verbose
	   Display verbose debug output on STDOUT.

       -V, --version
	   Display version info on STDOUT.

       -w secs, --warning=secs
	   Warning ping response threshold in seconds.	If a spamd ping response takes longer than the value specified (in seconds), and does not
	   exceed the critical threshold value, the program will exit with a value of 1 to indicate the warning staus.

	   This value must be no longer than the value specified for critical and less than the value specified for timeout.

EXIT CODES

       The program will indicate the status of the spamd process being monitored by exiting with one of these values:

       0   OK: A spamd ping response was received within all threshold times.

       1   WARNING: A spamd ping response exceeded the warning threshold but not the critical threshold.

       2   CRITICAL: A spamd ping response exceeded either the critical threshold or the timeout value.

       3   UNKNOWN: An error, probably caused by a missing dependency or an invalid configuration parameter being supplied, occurred in the
	   sa-check_spamd program.

SEE ALSO

       spamc(1) spamd(1) spamassassin(1)

PREREQUISITES

       "Mail::SpamAssassin" version 3.1.1 or higher (3.1.6 or higher recommended)

AUTHOR

       Daryl C. W. O'Shea, DOS Technologies <spamassassin@dostech.ca>

LICENSE

       sa-check_spamd is distributed under the Apache License, Version 2.0, as described in the file "LICENSE" included with the Apache
       SpamAssassin distribution and available at http://www.apache.org/licenses/LICENSE-2.0

perl v5.14.2							    2014-02-14						     SA-CHECK_SPAMD.RAW(1)
All times are GMT -4. The time now is 05:30 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy