Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Nik_Bloemers
Advisor
Advisor

Disable gateway monitoring

Hello CheckMates,

Is there a way to disable monitoring for gateways that are not able to be monitored since they are behind a (GC)NAT device? So we don't see all sorts of red crosses on the gateway overview page on the management server?

 

0 Kudos
7 Replies
G_W_Albrecht
Legend Legend
Legend

I would think that these red crosses contain valid status information - as the GWs are unreachable from Management, no logs are received and no policy can be installed...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Nik_Bloemers
Advisor
Advisor

Policy can be fetched by SMB appliances and they can send logs just fine (outbound traffic to the SMS is NATed fine by the (CG)NAT device). They just can't be reached by AMON from the SMS.
0 Kudos
Martin_Raska
Advisor
Advisor

Hi,

I have the same question, the customer is very strict about monitoring and does not want to see any warnings or errors in SmartConsole.

eg. we have an object of GW that is needed for Locally managed SMB to be able to send logs to central managed SMS. This object cannot be monitored by SMS and therefore makes an error in smart console.

The question is how to disable AMON for monitoring of unsupported devices/gw.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

I had a 730 locally managed included in Dashboard for logging that logged successfully and was shown with a green symbol. Maybe try this: https://community.checkpoint.com/t5/SMB-Gateways-Spark/R81-10-05-Central-Management-issues/m-p/17655...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Martin_Raska
Advisor
Advisor

I was able to fix it, manual FW rule for AMON from SMS to 1530 was needed on local 1530 policy in incoming.

0 Kudos
Nik_Bloemers
Advisor
Advisor

For locally managed appliances I've never had this issue specifically. My issue is mainly with remote gateways that are behind a NAT device.

0 Kudos
Martin_Raska
Advisor
Advisor

My 1530 has Public WAN IP and dropping AMON traffic from SMS in incoming rules

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events