I've got an issue that's been bugging me for several weeks now.
I've got to implement some sort of monitoring for my ipsec groups. I know I can monitor tunnels and activity, traffic and stuff, but I have no idea to which group of users to attribute this information. Furthermore, the CISCO-IPSEC-* MIBs only confused me more when trying to workout which OID I have to use.
Basically the SNMP equivalent of "show crypto session summary" is all I need... If I can work out more and start attributing byte counts to groups, that would be even better... but for the moment, I only want to look at how many VPNs per group are active.
Has anyone made any sense of the Cisco IPSec SNMP MIBs? if so, would you impart any advice you can think of?