
Monitoring standby member in a cluster

Hi,

Is there a way we can monitor the remote site standby cluster member to make sure it's up in case the active member dies and the standby takes over? We have an IPSec tunnel between the remote side and the data center.

Thanks.

-Adnan

0 Kudos
7 Replies
ED
Silver

Re: Monitoring standby member in a cluster

Hi,

In your remote site gateway cluster properties, under ClusterXL and VRRP, there is a tracking option for when there are changes in the status of cluster members. The default is set to Log. Change it to, for example, Mail alert to receive a mail each time there is a change.


Re: Monitoring standby member in a cluster

Thanks Enis,

This is what we do to get alerts when the active member becomes standby. But we had a situation where our monitoring tool was monitoring the active firewall and the standby firewall's AC adapter had died. Unfortunately, the active firewall died and there was no 'standby' firewall available to fail over.

Thanks.

-Adnan

0 Kudos
XBensemhoun
Silver

Re: Monitoring standby member in a cluster

The best practice is - of course - to monitor each node of the clusters using SNMP and SNMP traps.

You can use Best Practices - SNMP.

Do you have such monitoring tools?

Kim_Moberg
Silver

Re: Monitoring standby member in a cluster

Maybe one could filter on cluster member events in messages and dmesg?

Each important cluster event that affects the Cluster Members has a unique code that appears in the /var/log/messages file and dmesg.

Each cluster event message starts with the prefix CLUS-XXXXXX.

  • The first digit can distinguish between events of the local/remote members: <1 - local | 2 - remote>
  • State event codes are unique and have a separate explanation.
  • The second, third and fourth digits describe the event topic for easier filtering.
    • Policy event codes can be filtered by X200XX
    • PNotes and Sync problem event codes can be filtered by X201XX
    • Cluster Under Load event codes can be filtered by X202XX

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

Best Regards
Kim
0 Kudos
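The filtering described in the post above, as an added example that is not part of the original post and not Check Point code: it classifies `CLUS-XXXXXX` codes by the first digit (local/remote) and by digits two to four (topic). The log lines, host name and code values are constructed, and the choice of which events to forward (`peer_health_events`) is an assumed alerting policy.

```python
import re
from typing import Iterable, Iterator, NamedTuple

# Only the layout given in the post is assumed: "CLUS-" followed by six digits.
CLUS_RE = re.compile(r"\bCLUS-(\d)(\d{3})(\d{2})\b")

SCOPE = {"1": "local", "2": "remote"}                 # first digit
TOPIC = {"200": "policy",                             # X200XX
         "201": "pnote_or_sync",                      # X201XX
         "202": "cluster_under_load"}                 # X202XX


class ClusterEvent(NamedTuple):
    code: str    # the six digits after "CLUS-"
    scope: str   # local / remote / unknown
    topic: str   # one of TOPIC's values, or "other" (e.g. state event codes)
    line: str    # the original log line


def parse_cluster_events(lines: Iterable[str]) -> Iterator[ClusterEvent]:
    """Yield one ClusterEvent per log line that carries a CLUS-XXXXXX code."""
    for line in lines:
        m = CLUS_RE.search(line)
        if m is None:
            continue
        scope_digit, topic_digits, _ = m.groups()
        yield ClusterEvent(code=m.group(0)[5:],
                           scope=SCOPE.get(scope_digit, "unknown"),
                           topic=TOPIC.get(topic_digits, "other"),
                           line=line.rstrip("\n"))


def peer_health_events(lines: Iterable[str]) -> list:
    """Assumed policy: forward anything about the remote member, plus any
    PNote/sync problem, to the alerting channel."""
    return [e for e in parse_cluster_events(lines)
            if e.scope == "remote" or e.topic == "pnote_or_sync"]


# Constructed sample lines; real message text and code values will differ.
SAMPLE_LOG = """\
Jan 10 02:14:07 gw-a kernel: CLUS-120001: constructed policy event
Jan 10 02:14:09 gw-a kernel: CLUS-220101: constructed remote PNote event
Jan 10 02:14:11 gw-a sshd[4242]: constructed non-cluster line
Jan 10 02:15:30 gw-a kernel: CLUS-120201: constructed under-load event
Jan 10 02:16:02 gw-a kernel: CLUS-120102: constructed local sync event
Jan 10 02:16:40 gw-a kernel: CLUS-215500: constructed remote event, other topic
"""

if __name__ == "__main__":
    for ev in peer_health_events(SAMPLE_LOG.splitlines()):
        print(f"ALERT {ev.scope}/{ev.topic} CLUS-{ev.code}: {ev.line}")
```

Events classified as `other` include the state event codes, which the post says are explained separately.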

Re: Monitoring standby member in a cluster

I guess nothing much can be done from the CP side; your best bet would be to rely on an external network monitoring tool (any SNMP-based monitoring tool will do).

0 Kudos
Vladimir
Pearl

Re: Monitoring standby member in a cluster

Please take a look at the R80.20 Ongoing GHFA Take_80: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

It seems to address the SSH and WebUI access to the Standby cluster member via VPN, as described here:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

and CP is no longer recommending changing the fwha_forw_packet_to_not_active flag, as described here:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

I'd be interested to know if SNMP is working with Take_80 as well.

 

Regards,

Vladimir

 

 

Kim_Moberg
Silver

Re: Monitoring standby member in a cluster

Hi

CheckPoint PRO support would also be an alternative.

It proactively monitors your appliances and auto-generates a TAC request, and they can ship a new device before you notice it.

If you have an SNMP server you can keep track of the state of the cluster nodes. There is an SK on this, but you still have to know which SNMP tags to track and alert from.

Best Regards
Kim
0 Kudos