I found the cause of the problem. I used a special character ("ß") in the SNMP location field which is not valid (I simply overlooked that error). However, I was able to enter it on the "Services: SNMP" page and it caused a hick-up in the configuration. I think it might be a good idea to check that only USASCII characters are used for sysLocation and sysContact.

Hi,
Did you manage to achieve what you were looking for here?

If you search the forum for that error, you'll find a similar thread from a week or two ago – someone tracked it down to a problem in the FreeBSD bsnmpd daemon and how it handles interface IP address queries from the SNMP client (in your case, Spiceworks or whatever NMS you have).

It's a problem in the FreeBSD bsnmpd daemon so it needs to be fixed upstream. We might have one of our devs look at it, if they have some time. See https://redmine.pfsense.org/issues/4298

tank you for replaying

how to configure  pfsense and zabbix to get values from pfsense
pfsense in snmp tab need Read Community String but its not defined in pfsense
who to configure pfsense and zabbix

I had to open a case on this with pfsense - they were able to replicate the problem not only in pfsense, but FreedBSD 10.2, which indicates that this is a bug in bsnmpd that needs to go to the attention of the FreeBSD project.  I've submitted a problem report to FreeBSD here https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203264 - hopefully I formatted ti well enough that it won't rate an immediate close :)

@althornin:

@tim.mcmanus:

This may be a bug in BSD.

The RRD graphs had a similar problem where the WAN graph would show "real" traffic metrics, but the LAN graph would show 2x WAN.  I think the root cause of that was a bug in the version of BSD that pfSense uses.

The two may be related, but I am not entirely sure.  The RRD graphs in 2.2 report properly.

Ok, maybe I can clarify this some.  I'm running 2.2.2 (now) and still have the problem.  Yes, the RRD graphs in pfSense are correct.  However, like many people, I use SNMP to monitor all of my routers (in this case, via MRTG).

SNMP numbers are incorrect on the router at my main site, and now at one remote site.  I am using OpenVPN.  I can't just reverse LAN numbers, because I'm multi-WAN at most sites - I want to see separate bandwidth for each WAN connection.  When I say incorrect, in this case, it means that my outbound traffic numbers are doubled.  Inbound traffic is correct.

So, the second site started showing this symptom after I started messing about with the traffic shaping that was on at the remote site.  Now, even with traffic shaping off, I am seeing the doubled numbers.  I can't fathom why messing about with traffic shaping would cause this to start…but it appears that it did.

Just an FYI - I can report that upgrading from 2.2.2 to 2.2.4 has resolved this for me on all of my pfSense routers.
SNMP is now reporting correct values.

You can always do an snmpwalk from another machine to get all of the MIB/OID information.

Most monitoring systems can do just that, they'll walk the system and be able to pull out the OIDs to monitor.

Ok Tnk

Just tested 2.2.3-RELEASE and it's back again, yieih!!!

On the Web-UI under "Status"->"RRD-Graphs" there is a tab called Quality.

If you set the option Graphs on "Allgraphs" you can see some Quality Graphs.

Is there any other solution to get these state-informations live via SNMP?

Regards

http://blog.logicmonitor.com/2013/06/18/extend-net-snmp-how-to-teach-an-old-snmpd-new-tricks/

You should be able to pull the temperature from the system by running the command:

sysctl -a | grep tempe

I've used the extend to graph OpenVPN users from Linux before and I guessing that can probably be used to graph the temperature of the CPUs from FreeBSD.

I get a list of known IP addresses and the interface they have been seen on

C:\usr\bin>snmpwalk -v 1 -m ALL 192.168.1.1 public .1.3.6.1.2.1.4.22.1.1.2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.1 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.10 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.11 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.12 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.13 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.14 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.152 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.154 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.155 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.160 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.162 = 2
ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex.2.192.168.1.171 = 2

It is not currently possible.

None of those are exposed over SNMP that I'm aware of. Of them all, the only one that might possibly be there is temperature, but that may depend on hardware and the modules loaded.

Well, that's too bad, but thanks for reply…

We include a standard MIB, plus some additional options for pf stats. For determining whether a connection is down, there isn't anything in SNMP that checks gateway status. You'd probably just use the interface counters and alarm when it has less throughput than what's normal for that day and time of day.

AFAIK there isn't anything in the SNMP OIDs that would show up differently.

Note that you'll also need additional MIBs found here: http://files.pfsense.org/misc/mibs/

Hi,

thanks for the reply. Looks like my used check_mk does not find those interfaces. I will take a closer look how I can tweak check_mk to find those MIB entries.

Regards,

Darko

thank you

See above. Package? Perhaps, Base? Never.

Thanks for sharing

Ok, I see.

I was just curious because there are some FWs/Load Balancers which supports various OIDs for VIPs, including "Per-IP bandwidth stats"

Thanks anyway.

That traps line can be ignored. Without more config (e.g. where to send the traps) it wouldn't have any effect anyhow.

The community name (ispframe) would go in the SNMP settings

The access list would be firewall rules.

Hello,

There is still the problem in PfSense 2.1.3 :
#snmpwalk -v 1 -c public X.X.X.X .1.3.6.1.2.1.1.1
SNMPv2-MIB::sysDescr.0 = STRING: pfSense xxxx.xxxxx.xxxx 2.1.3-RELEASE pfSense FreeBSD 8.3-RELEASE-p16 amd64
# snmpwalk -v 1 -c public X.X.X.X .1.3.6.1.4.1.12325.1.200.1.9.3
Error in packet.
Reason: (genError) A general failure occured
Failed object: SNMPv2-SMI::enterprises.12325.1.200.1.9.3

Do you have any news about this issue ?

Best regards,

help
lack FOKUS-MIB module
thanks

I think the first output may just be entries from dmesg that describe the drivers.

I don't believe bsnmpd knows about coretemp enough to expose its actual temperature values.

Thanks, Solarwinds seems to work well.

I had also decided to try PRTG before I saw your post. Although much more complicated than Solarwinds, PRTG shows traffic totals (i.e. amount of data in/out) as well as speed.

Is there any other technologies or methods i can use?