Hi Johnathon,
Just as a proposal, it's theoretically doable to get IPSec Peer hostname instead of IP, it is not a description, but at least a meaningful name. In IKEv1 and IKEv2 there's a field for Identity exchanged between peers, it can be IP, hostname or Key ID. This should be written to [ceipSecEndPtRemoteName] in CISCO-ENHANCED-IPSEC-FLOW-MIB in case you're doing identity of Key ID. Off course, this needs to be verified and implemented in Observium to get displayed properly.
--- Best regards, Sergei
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Friday, March 1, 2019 6:43 PM, David Jesus Maturano Sanchez via observium observium@observium.org wrote:
This isn’t supported by ASA, there’s no way to do that for IPSec tunnels.
David M.
De: observium observium-bounces@observium.org en nombre de Johnathon Voegeli via observium observium@observium.org Responder a: Observium observium@observium.org Fecha: viernes, 1 de marzo de 2019, 11:38 Para: Observium observium@observium.org CC: Johnathon Voegeli jvoegeli@voigtie.com Asunto: [Observium] Cisco ASA IPSec tunnels
Hey guys,
Does anyone know where to set the “tunnel name” in a Cisco ASA or more rather where Observium gets that info? I have a dozen or so IPSec tunnels built, but Obs calls them all by the outside interface IP I suspect because I am too dense to figure out where its getting the tunnel name field from?
[cid:image001.png@01D4D02B.AA8D38E0]
The local address and the tunnel name are all the same.
