Second this, I have pfsense and leverage SNMP to poll the ARP table for mobile devices (static ARP must be disabled for this to work, and lower the timeout value). Also use SNMP to poll access points as another validation to ensure a phone is there.
I can’t talk to SNMP in regards to VPN, but a SNMP walk would dump the information and allow anyone to see the information.
As to pfsense and the dark path, what path/direction did they take?
Thanks, that’s another options, although I’m not sure I want to brush the dust of my “SNMP knowledge”. It must be almost 20 years since I last touched it, all I remember is that I didn’t really like it
It’s been a trend for a long time IMO, but it just seems to be getting worse. They seems to be “abusing” the whole open-source idea for profit, while they are still technically open-source. They have made the build tools proprietary, so good luck to anyone who wishes to build it. They also refuse to release ARM binaries for example. In addition they use their trademark to prevent others to sell hardware with pfSense installed. They have also introduced “annoyance screens” that pops up and “reminds” you that you don’t have a paid version etc.
I haven’t studied this in detail, but I’ve seen the same thing happen too many things before, and I see it as a clear sign that they will do everything they can to make it increasingly difficult for those that doesn’t buy their very overpriced hardware to use pfSense. Such behavior turns me off, I’d rather find somebody with a better attitude than waste my time trying to “fight” whatever “sabotage” they come up with next.
It hasn’t impacted me yet either, for me it’s a matter of principle. I also am not comfortable with the idea that they might succeed in throwing in some obstacle, introduced by some update, that does impact me at some point in the future.
In addition to what Nadar said, pfSense has a growing reputation for being abusive to their users on their forum and the way they reacted when OPNsense created their fork was less than professional (to put it lightly, search Google to see some of that history). And they made it pretty clear that the free version of pfSense is basically done. No new features or capabilities are planned to be added to it beyond security patches and the like.
I switched from pfSense to OPNsense about a year ago and, ignoring problems with Netgate as a company, the end user experience on OPNsense is way better. It’s clear that OPNsense is actually working to improve their product. All one has to do is try to configure HAProxy on pfSense and then do it on OPNsense and you’ll see the difference (not to mention that the version of HAProxy on pfSense was ancient in comparison).
I’m very happy I moved. OPNsense is, in my opinion, a far superior product and Netgate is not a company I want to have anything to do with.
Indeed there is an official plugin for OPNsense to get SNMP support.
Personally I do not have that sort of monitoring connected to my openHAB. I’ve got plenty of immediate indications that my network is offline so I’ve not had the need to flash lights of the like. However, I do need to monitor my home network and I use Zabbix for that. There is support for Actions in Zabbix so I suppose I could have it make a REST API call into OH when an interface goes down or something. The emails I get from Zabbix have proven sufficient for most things though and the charts have helped me identify problems in the past.
I run point to point tunnels and “provide some services” to others that break if the VPN or my Internet connection goes down. That’s why I need to handle it even if it doesn’t “bother me” at that moment (in which case I’d know anyway).
I know I could rune some other monitoring software to do this, I have configured Icinga for this purpose in the past. But, at the moment my ESXi can’t run 24/7 because of noise, and I need to do quite a lot of work to get it set up in the planned location in the basement. Because of that I don’t really have any 24/7 hardware running Linux that is suitable for the task, and since I just need very basic notification I would suit my needs very nicely at this point. I don’t need statistics or fancy plots, I just need to know when something is broken