Cacti (home)ForumsDocumentation
Cacti: offical forums and support
It is currently Sat Dec 15, 2018 8:43 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 50 posts ]  Go to page 1, 2, 3, 4  Next
Author Message
 Post subject: pix firewall template
PostPosted: Fri Jan 09, 2004 11:48 am 
Offline
Cacti Pro User
User avatar

Joined: Thu Nov 21, 2002 8:55 am
Posts: 703
Location: Austin, TX
This is my 1st template, but it should work fine for most applications.

It is a host template (with dependancies) fro Cisco Pix firewalls. The template measures CPU load, interfaces , Free memory and connections.

Good luck with it. Please let me know if you have any questions or improvements on it.


Eric


Attachments:
File comment: pix template
cacti_host_template_pix_firewall.xml [15.71 KiB]
Downloaded 17992 times
Top
 Profile  
 
 Post subject:
PostPosted: Tue Jun 29, 2004 2:28 pm 
Does this work? Anyone tried? How do I install it?


Top
  
 
 Post subject: Doesn't work...
PostPosted: Thu Jul 08, 2004 1:32 pm 
I just loaded this template into the newest version (0.8.5a). It loads correctly but it does not query the correct MIBs. In fact, it queries the

enterprises.109....

tree which doesn't exist on my PIX running PIXOS 6.1.


Top
  
 
 Post subject: PIX
PostPosted: Fri Jul 09, 2004 10:27 am 
Offline
Cacti Pro User
User avatar

Joined: Thu Nov 21, 2002 8:55 am
Posts: 703
Location: Austin, TX
Yes, it works for 6.3
I have the same issue. I have 3 pixs, two of which are on 6.3 and the other on 6.1
the pix running 6.1 does not show the graphs & my fix for that is to upgrade the PIX.


Top
 Profile  
 
 Post subject: Pix
PostPosted: Wed Aug 18, 2004 9:10 pm 
It seems to be missing the memory cdef's
Otherwise, it worked.


Top
  
 
 Post subject:
PostPosted: Sun Aug 22, 2004 8:30 am 
Once I applied the single quote patch the template worked. Thanks.


Top
  
 
 Post subject:
PostPosted: Tue Sep 28, 2004 6:08 am 
Offline
Cacti User

Joined: Fri Mar 12, 2004 3:01 am
Posts: 52
Location: Beusichem
Anonymous wrote:
Once I applied the single quote patch the template worked. Thanks.


Can somebody explain to me what this single quote patch means? Sorry for kicking an old topic...


Top
 Profile  
 
 Post subject:
PostPosted: Mon Oct 04, 2004 10:43 pm 
Offline

Joined: Sat Aug 14, 2004 10:30 am
Posts: 14
I am not an expert on Perl but understand the 'why' and the 'reason' for the fix.

The short version ... take a look at the following from a PIX walk:

IF-MIB::ifDescr.1 = STRING: PIX Firewall 'unused' interface
IF-MIB::ifDescr.2 = STRING: PIX Firewall 'extranet' interface
IF-MIB::ifDescr.3 = STRING: PIX Firewall 'intranet' interface
IF-MIB::ifDescr.4 = STRING: PIX Firewall 'inside' interface

Normally, devices have a simple string as a description. The PIX includes single quotes which in Perl, is interpreted or translated causing a script to fail. That is, when you query the PIX for an interface description, you get the following "PIX Firewall 'inside' interface" and not "inside" like you'd expect and only need.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Oct 08, 2004 2:58 am 
Offline
Cacti User

Joined: Fri Mar 12, 2004 3:01 am
Posts: 52
Location: Beusichem
When I graph the connections I don't get any input on my graphs. I do get the CPU Usage and Interfaces but no Connections or Memory.

Polling a couple of Pix's running on Cisco PIX Firewall Version 6.3(1)


Top
 Profile  
 
 Post subject:
PostPosted: Fri Oct 08, 2004 10:13 am 
Offline
Cacti Pro User
User avatar

Joined: Thu Nov 21, 2002 8:55 am
Posts: 703
Location: Austin, TX
what are the OIDs under your data template for pix connections?
should be 1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.6

and memory should be
1.3.6.1.4.1.9.9.48.1.1.1.5.1

I built the template based on a pix running 6.3(1) and under Cacti .8.5.a. It still works under .8.6.a for me.

I also imported it into another Cacti server that monitors a pix running 6..1.x and memory graphing does not work with that version

what are your snmp settings on the PIX? It is odd that you would get CPU and not interfaces


Top
 Profile  
 
 Post subject:
PostPosted: Mon Oct 11, 2004 8:43 pm 
Offline

Joined: Mon Apr 19, 2004 7:47 am
Posts: 33
..::BFS::.. wrote:
When I graph the connections I don't get any input on my graphs. I do get the CPU Usage and Interfaces but no Connections or Memory.

Polling a couple of Pix's running on Cisco PIX Firewall Version 6.3(1)


I used to have this problem and it was driving me nuts until I figured out that the maximum value was set at 100 so anything over 100 connections was being dropped. As most my pixes have more then 100 connections this was a must for me.


Top
 Profile  
 
 Post subject:
PostPosted: Tue Oct 26, 2004 12:03 pm 
Offline

Joined: Mon Oct 28, 2002 7:59 am
Posts: 43
Anonymous wrote:
Once I applied the single quote patch the template worked. Thanks.


I noticed the above post. I thiink am having the same problem. I am running 0.8.6b and am not getting the connections and memory graph. However, I do get the CPU Usage graph. Any ideas? If I do need this patch where might I get it?

Thanks,

Dan


Top
 Profile  
 
 Post subject:
PostPosted: Tue Oct 26, 2004 1:53 pm 
Offline

Joined: Mon Oct 28, 2002 7:59 am
Posts: 43
Not to over post myself, but upon further examination it appears that the data is getting dumped into the rrd file for both connections and memory. However the graphs are not displaying the information. I did notice that the upper limit of the datasource and the graph were set at 100 for connections. I currently have over 1100 so I uped that limit to 100000. Don't know if that make a difference or not.

Thanks for the help.


Top
 Profile  
 
 Post subject:
PostPosted: Thu Nov 04, 2004 10:36 am 
Offline

Joined: Tue Aug 31, 2004 9:13 am
Posts: 15
Hi !
I just uploaded this PIX template to my Cacti server.
Both the CPU and Conns graphs are created. Though, for the moment, there is no data in it (might be normal as this firewall is not busy at all for now).

I have a problem with the Memory graph.
The graph templates does NOT refere to any data source at all.

For instance, for the Connection graph, there has been a pixconn data template created, and this template is used to create the Conn graph.
The memory data template does not exist... How come ?

Thanx for your help...


Top
 Profile  
 
 Post subject:
PostPosted: Thu Nov 04, 2004 11:00 am 
Offline

Joined: Tue Aug 31, 2004 9:13 am
Posts: 15
Sorry for the flood, but I also cannot get any Interface information... Anything I have to do ?...

Thanx :roll:


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 50 posts ]  Go to page 1, 2, 3, 4  Next

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group