How to monitor the state of VPN Tunnels in Check Point Firewalls.

Article Id: 15690
Status: Published
Updated On: 28-03-2019 05:19
Legacy Id: TEC1957373
Products:
CA Spectrum - OneClick , CA Spectrum - Reporting , CA Spectrum - Integrations , CA Spectrum - Alarms & Event Management
Issue/Introduction:

Monitoring the VPN Tunnel State in Check Point Devices.

 



How can I monitor the state of VPN Tunnel in a Check Point Firewall?

Environment:

Release:
Component:

Resolution:

1) SNMP OID 1.3.6.1.4.1.2620.500.9002.1.3 is responsible for the VPN TUNNEL STATE Monitoring.

 

2)  Map this OID if it is not present by default.

 

3) In the below document I have mapped the OID so it is showing as a customized event (i.e) 0xfff....  See the below screenshot.

 

<Please see attached file for image>

1.JPG

 

4)  After mapping the OID go to the firewall where the VPN Tunnels are configured  and check for the VPNTunnelMonitoring attribute and will show as below with value and table.

 

<Please see attached file for image>

2.JPG

 

5)  If you click on the  highlightened “Table” it will display the list of Tunnels configured as below. In the below screenshot there are 11 Tunnels configured.

 

<Please see attached file for image>

3.JPG

 

6)  The value 3 represents the state of the Tunnel and is Active. The following are the values for the Tunnel state.

 

     3=active

 

     4=destroy

 

     129=idle

 

     130=phase1

 

     131=down

 

     132=init

 

7) Once you configured above steps you can create a Spectrowatch and monitor the Tunnels with the Alarm criticality that you require.

Additional Information:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk63663

insert_drive_file 1558688148016000015690_sktwi1f5rjvs16fix.jpeg
arrow_downward Download
insert_drive_file 1558688146111000015690_sktwi1f5rjvs16fiw.jpeg
arrow_downward Download
insert_drive_file 1558688142922000015690_sktwi1f5rjvs16fiv.jpeg
arrow_downward Download