# Cisco IPSec VPN
This package is designed to monitor IPSec based VPN Tunnels on a Cisco router using SNMP.
This package automatically configures the ServicePilot Manager to collect statistics from VPN Tunnels in two ways: Control Tunnels (VPN Administration, Key exchanges, Negotiations, ...) and Data Tunnels (Data transfer) based on an
SNMP Servicemust be configured (Security: read-only SNMP community and allowed host must be set) and started on each target device.
Network Flows - It is is necessary to ensure network connectivity between ServicePilot and the monitored device. In case of a network infrastructure using a firewall, all the ports below must be opened:
- UDP/161 (SNMP): Between ServicePilot Manager and the Cisco device
- UDP/162 (SNMP Trap): (Optional) Between the Cisco device and ServicePilot Agent
- ServicePilot Manager minimum version: 8.5
Before adding a resource to monitor, make certain that all pre-requisites are in place and if a ServicePilot Agent is required, that it is communicating correctly with the ServicePilot Manager.
Add resource using Views Configuration web interface
- As an administrative user of ServicePilot, open the ServicePilot web interface.
- Navigate to Administration. The Configuration > Views web page will open.
- Click on the view in which to place the new resource in the Views hierarchy on the left of the interface. The View editor section will show the existing view contents.
- From the Packages list on the right of the interface, click and drag the network-cisco-ipsec-vpn package into the View editor and let go.
- The Resource properties dialog box will open to allow resource configuration.
- Click OK to close the Resource properties dialog box. Note that the dialog box will not close if required parameters are not set.
- Click Save to apply the new resource to ServicePilot configuration.
Key field notes
In the Monitoring Policies tab, specify the policy or policies to apply to the resource
Basic Parameters tab:
- IP address: Specify the IP address of the Cisco device, as resolvable by the machine on which ServicePilot Manager is running
Monitoring Options tab:
- IKE: tick to monitor IKE control connections
- IPSec: tick to monitor IPSec data connections