Configure monitoring of Watchguard devices with Nagios XI

Firstly, we will need to enable the Firebox  as a SNMP device, as below:

1) From Policy Manager, select Setup > SNMP.

2) Select the SNMP polling type and enter the configuration details. In my configuration I am selecting ‘v1/v2c’ for SNMP polling which requires a community string to be configured.

3) Select the SNMP trap type to be ‘v2Trap’ and add your SNMP management station, in this case the Nagios XI monitoring server IP address.

4) Confirm your SNMP settings and select ‘OK’.

This will create an automatically generated policy named ‘SNMP’ to allow inbound connections to your Firebox on  UDP port 161. I further configured the rule to only allow inbound SNMP from the source address of the Nagios XI monitoring server IP address.

Now that we have SNMP enabled on the Firebox we can now run the monitoring wizard to monitor the devices.

1) Select the ‘Watchguard’ motoring wizard

2) Enter the IP address of the Watchguard management interface, SNMP community name as configured when enabling the Firebox as a SNMP device.

3) Select the services you wish to monitor, notifications and groups and complete the configuration.

I encountered a couple of issues following configuration, the default warning and critical values may not be relevant to your device. For Example, active connections limit was not representative of the Firebox device. By default, the thresholds are set to be 300 (Warning) and 500 (Critical).  The device I have is capable of supporting up to 40,000 concurrent connections, therefore I set  the critical value to be 36,000  and a number of 32,000 to be my warning threshold.

This information is available for the device, by browsing to the datasheet, in my case XTM 5 series details can be found at http://www.watchguard.com/docs/datasheet/wg_xtm5_ds.pdf.

It would also appear that in an active/passive cluster you may only monitor the active node based on the IP address of the device, therefore I configured my monitored host and services to use the clustered management address.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s