Hi All,
How to Monitor VPN Tunnel State in checkpoint firewalls ? If there is no default option means it can be done with OID?
Hi Praveen,
you are right, if it does not come up in the defaults, you need to create a UnDP Universal Device Poller. I did a quick search and found this Monitoring IPSec VPN tunnels with CheckPoint OIDs on GAiA R75.46 they list some OIDs you might want to include in your UnDP.
If you use the Universal Device Poller tool to create a new UnDP for the tunnel you can alert on the "tunnel state", which is reported as a raw number (from the article linked above):
OID for a specific parameter is .1.3.6.1.4.1.2620.500.9002.1.#.{peer-ip-addr}.0 where # identifies parameter
3: Tunnel state (3=active, 4=destroy, 129=idle, 130=phase1, 131=down, 132=init, see SK63663)
So if the value of the UnDP != 3 (active), send an alert that something is wrong with the tunnel
Hi yaquaholic,
Alert is working but how did you manage the trigger action for this alert.
If you have more than 1 vpn, how do you understand which vpn is down, can you send the trigger action screenshot.
Thank you
Out trigger ended up looking like this:
SELECT E0.[Uri], E0.[DisplayName]
FROM Orion.NPM.CustomPollerStatusOnNodeTabular AS E0
WHERE E0.[CustomPollerAssignment].[CustomPoller].[UniqueName] = '<poller name goes here>'
AND ( E0.[RawStatus] = '4' OR E0.[RawStatus] > '129' )
And as we were getting a bit of alert noise, we set Condition must exist for more than 5 minutes, to check that the error wasn't just a tunnel reconnecting.
And into the alert email body:
<b>VPN Tunnel alert for ${N=SwisEntity;M=CustomPollerAssignment.Node.Caption} </b>
VPN tunnel peer IP: ${N=SwisEntity;M=RowLabel}
Status: ${N=SwisEntity;M=Status}
Description: ${N=SwisEntity;M=CustomPollerAssignment.CustomPoller.Description}
This reports the VPN details to the service desk, to pass to our network team.
Hope it helps!
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.