How to monitor VPN tunnels on FortiGate using PRTG

PRTG provides you with a native sensor to monitor VPN statistics on FortiGate firewalls. This sensor only shows UP and DOWN VPN tunnels, and not the details about the specific VPN connection. However, there is a trick on how to monitor specific VPN tunnels using the SNMP Custom sensor. Read below.

I already did a video tutorial about monitoring FortiGate firewalls with PRTG Network Monitor. You can use two sensors. One is for monitoring the system health status and another is for monitoring VPN statistics. Check the video below.

Both sensors are using API to query the target FortiGate devices.

When it comes to VPN, these sensors show only UP and DOWN sensors, nothing else. If you would like to monitor a certain VPN tunnel that is connecting Berlin and your hometown, you wouldn’t be able to do so.

UP and DOWN VPN tunnels

There is a trick on how to monitor specific VPN tunnels. You would need to use SNMP Custom Table Sensor. The SNMP Custom Table sensor monitors entries from a table that is provided via SNMP. You can create one new sensor per table row. For each sensor, you can define up to ten channels.

Once you add the sensor, type the OID 1.3.6.1.4.1.12356.101.12.2.2.

OID to query available VPN tunnels

PRTG will do a meta scan and discover all available VPN tunnels. Select the one you need, and PRTG will create a sensor accordingly.

Select one or more available VPN Tunnels

You need to define the channels you want to include. In my case there are related to bandwidth.

Configure sensor channels

This is what the sensor will look like.

VPN sensor

This was easy. Isn’t it!?

Thank you for reading this article. Feel free to share it with your network.

Until next time, stay safe.

Comments (2):

  1. Kenneth

    August 29, 2022 at 11:28

    Good a easy to digest article.
    Thanks!

    Reply

Leave a Reply

Your email address will not be published.

Share via
Copy link