@the_rock these are the options that Thousandeyes support for SNMPV3 and I have tried all the options and while capturing packet from checkpoint I can see packets coming through and also moving from i > I . 

So none of them work? 😞

Sadly noone of them worked.

I was wondering if I could find some expert here who has deployed thousandeyes with checkpoint.

K, lets wait and see if someone might have an idea.

There is no AES-128 option in Checkpoint and I am using privacy-protocol AES256 authentication-protocol SHA512

I would verify with TAC on this.

Andy

---

@ma_gorkhali wrote:

There is no AES-128 option in Checkpoint and I am using privacy-protocol AES256 authentication-protocol SHA512

---

There absolutely is an AES-128 option, they just leave off the key length (128 bits is the only RFC-compliant AES key length):

[Expert@MyManagement]# fwm ver
This is Check Point Security Management Server R81.20 - Build 017
[Expert@MyManagement]# cpinfo -y fw1

This is Check Point CPinfo Build 914000250 for GAIA
[FW1]
	HOTFIX_INEXT_NANO_EGG_AUTOUPDATE
	HOTFIX_R81_20_JUMBO_HF_MAIN	Take:  92
	HOTFIX_WEBCONSOLE_AUTOUPDATE
	HOTFIX_GOT_MGMT_AUTOUPDATE
	HOTFIX_NGM_DOCTOR_AUTOUPDATE
	HOTFIX_VCE_R81_20_AUTOUPDATE
	HOTFIX_GOT_TPCONF_MGMT_AUTOUPDATE
	HOTFIX_PUBLIC_CLOUD_CA_BUNDLE_AUTOUPDATE

FW1 build number:
This is Check Point Security Management Server R81.20 - Build 017
This is Check Point's software version R81.20 - Build 043

[Expert@MyManagement]# clish
MyManagement> add snmp usm user NewUser security-level authPriv auth-pass-phrase vpn123 privacy-pass-phrase vpn123 privacy-protocol 

DES     AES     AES256
MyManagement> add snmp usm user NewUser security-level authPriv auth-pass-phrase vpn123 privacy-pass-phrase vpn123 privacy-protocol AES authentication-protocol 

SHA256  SHA512
MyManagement> add snmp usm user NewUser security-level authPriv auth-pass-phrase vpn123 privacy-pass-phrase vpn123 privacy-protocol AES authentication-protocol SHA