cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

vpn community

Hello
how to notice  vpn community down/up via mail on R80.10

thank you

0 Kudos
4 Replies

Re: vpn community

Easy way - you can monitor the state of a tunnel on your security gateway  through snmp and then with your monitoring software send an email

Hard way - probably with an user defined event in smart event  it is possible to achieve this but I'm not sure about that

Zach_Rack
Nickel

Re: vpn community

Marco ,That's exactly what we did .we leveraged sk63663 (to monitor VPN tunnels using SNMP ).

and we have already in place Network monitor software ; to watch and monitor any SNMP status ,and if there's something wrong with the VPN tunnel it would send an alert (email,text...etc) .

I'm not sure if Checkpoint Smart-event has the same capability to do the same function.

0 Kudos
Highlighted

Re: vpn community

we use it for install policy if you get some error in phase1 probably you can define a user defined event but it's a lot more hard , despite that I did not have good result with snmp monitoring with few false positive so we decided to live without it users are usually faster anyway 

0 Kudos

Re: vpn community

One other option if both gateways are Check Point devices is to enable Permanent Tunnels (essentially Check Point's version of Dead Peer Detection) in the VPN community object, then set the "Tunnel Down" track to SNMP Trap or Mail Alert as shown here:

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos