[strongSwan-dev] SNMP and Strongswan
Gerd v. Egidy
lists at egidy.de
Tue Mar 3 09:59:52 CET 2015
Hi Philip,
> I'm looking at adding MIB support (because a client requested it) and
> wondering what prior work anyone else had done in this realm.
>
> I've seen that there's an RFC (4807) for SPD configuration, but I've not
> found an IPsec SA MIB.
I've done a bit of research and found that there is no standard that is used
by several vendors.
Cisco, Checkpoint, Watchguard all have their own, vendor specific MIB to
monitor IPSec.
Sophos (ex Astaro) don't have it, as they are using Strongswan internally, it
would have been handy.
I couln't find any snmp support for the other opensource IPSec stacks
KAME/Racoon and OpenSWAN.
So unless you are accustomed to IETF work and have the time to write, edit and
argument an RFC, I'd suggest to do it like the others and create a Strongswan
specific MIB.
Kind regards,
Gerd
More information about the Dev
mailing list