How to monitor the state of VPN Tunnels in Check Point Firewalls.

Document ID : KB000015690
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Monitoring the VPN Tunnel State in Check Point Devices.

 

Question:

How can I monitor the state of VPN Tunnel in a Check Point Firewall?

Answer:

1) SNMP OID 1.3.6.1.4.1.2620.500.9002.1.3 is responsible for the VPN TUNNEL STATE Monitoring.

 

2)  Map this OID if it is not present by default.

 

3) In the below document I have mapped the OID so it is showing as a customized event (i.e) 0xfff....  See the below screenshot.

 

1.JPG

 

4)  After mapping the OID go to the firewall where the VPN Tunnels are configured  and check for the VPNTunnelMonitoring attribute and will show as below with value and table.

 

2.JPG

 

5)  If you click on the  highlightened “Table” it will display the list of Tunnels configured as below. In the below screenshot there are 11 Tunnels configured.

 

3.JPG

 

6)  The value 3 represents the state of the Tunnel and is Active. The following are the values for the Tunnel state.

 

     3=active

 

     4=destroy

 

     129=idle

 

     130=phase1

 

     131=down

 

     132=init

 

7) Once you configured above steps you can create a Spectrowatch and monitor the Tunnels with the Alarm criticality that you require.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Additional Information: