Checkpoint virtual contexts stay blue (initial) in CA Spectrum

Document ID : KB000008946
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

When modeling Checkpoint virtual contexts, they are not contactable by Spectrum and stay in the Initial (blue) state.

Cause:

The problem is that the virtual switching is not turned on at the firewall.

Resolution:

You need to make sure there is an SNMPv3 profile configured AND that the vs mode has been enabled.  Here are sample commands:

 

Sample commands: 

            > add snmp usm user admin security-level authNoPriv auth-pass-phrase abcd1234 

            > set snmp mode vs 

            > set snmp agent on

 

Make sure that SNMPv3 profile exists in CA Spectrum.

If the Checkpoint Firewall is already modeled in CA Spectrum you will need to destroy and recreate the model after the above commands have been run.

Verify the contexts are modeled with the SNMPv3 community string with the context name:  #v3/P:auth:priv/contextname/username