cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Viewing Fan Status on non-Checkpoint Appliance

Hi Team,

I just wanted to know, is there any way to find out our firewall fan status, just to know whether it is running or not. Since the Gaia OS are install in ProLiant DL360 Gen9, not in checkpoint appliance itself.

I did try on checkpoint appliance and view on CP SmartView Monitor. But maybe there is another way or command to see it on difference hardware based you guys might be monitoring before.

Thank you.

13 Replies

Re: Viewing Fan Status on non-Checkpoint Appliance

This is possible at least for certified servers with an Intelligent Platform Management Interface (IPMI) card installed. For details, please see sk94629 How to enable temperature and fan sensors for SecurePlatform / GAiA OS on Open Servers.

0 Kudos
Vladimir
Pearl

Re: Viewing Fan Status on non-Checkpoint Appliance

Check if your server is equipped with iLO (integrated Lights Out) management port. If it is, you may configure it for out of band access to the hardware and get all the information about its status as well as get an out of band console access to it.

Usual security related disclaimers apply: password strengths, lockout policies, etc..

I am not aware of Gaia's monitoring capabilities integration with Open Server hardware, as there are infinite number of models it could be run on.

0 Kudos
Highlighted

Re: Viewing Fan Status on non-Checkpoint Appliance

This is one of the possible method to monitor it. Thanks for solution sharing.

0 Kudos

Re: Viewing Fan Status on non-Checkpoint Appliance

Yeah. So if it is certified IPMI servers then you can run below command and you will get output.

cpstat -f sensors os

 

0 Kudos

Re: Viewing Fan Status on non-Checkpoint Appliance

That is not fully true, see the sk94629. By default, the /etc/sysconfig/sensors/sensors_data.C scheme file contains threshold data only for Check Point appliances, and hardware may differ

0 Kudos

Re: Viewing Fan Status on non-Checkpoint Appliance

I tried it on a system once.
The following command shows me all 7 fans on a DL360 G9.

watch "cpstat -f sensors os | grep Fan"

Regards

Heiko

Re: Viewing Fan Status on non-Checkpoint Appliance

Hi Heiko,

Thank for the solution provided, can you share the successfull result of the command. I just wonder, did the status "1" means it is UP and running.?

Re: Viewing Fan Status on non-Checkpoint Appliance

In the cpstat output a Status of "1" means that element is outside the expected value range, while a zero means it is within normal range.  Like this example of a CPU fan failure from my book that I've seen in the real world:

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com

Re: Viewing Fan Status on non-Checkpoint Appliance

Thanks for your explaination. But I got this result, and the value is 19.60 with the status 1. What does it really means.

0 Kudos
Vladimir
Pearl

Re: Viewing Fan Status on non-Checkpoint Appliance

Hm.. not sure.

Can you try "show sysEnv all" from clish and post the output here?

0 Kudos

Re: Viewing Fan Status on non-Checkpoint Appliance

Hi Aznaz,

The values shown in that screenshot don't make any sense.  I assume you are running R77.30 with the latest GA Jumbo HFA or R80.10?  The underlying firewall hardware must be new enough that it can't decode and display the values properly.

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos

Re: Viewing Fan Status on non-Checkpoint Appliance

As long as you are using R77.20 or later with the latest Jumbo HFA, you should be able to see fan & power supply status on most open hardware.  Prior to R77.20, trying to query these values on open hardware almost never worked.

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos

Re: Viewing Fan Status on non-Checkpoint Appliance

I would also advise that you check the SNMP MIB files by your chosen open hardware vendor.

I use Zabbix monitoring and its quite easy to spin up automation to poll OID's and their sub trees to find the total number of fans, add them as an item, and build a trigger to alert on fan RPM being 0 for example.

Alternatively, your chosen vendor may provide SNMP Traps to alert you once a specific threshold has been met.

0 Kudos