- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Hello,
do you have any solution for Zabbix 4.0.9 and GAIA Checkpoint R80.30? We want to monitor VPN tunnels and our focus is under these two templates:
checkpoint-vpn-1-3.4
snmp-v3-checkpoint-monitoring
Template 1:
https://share.zabbix.com/network_devices/cat-checkpoint/checkpoint-vpn-1-3.4
But we have to load MIBs manually:
"You will need the CHECKPOINT-MIB loaded onto the Zabbix server: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut..."
Template 2:
And the next template is:
https://share.zabbix.com/network_devices/cat-checkpoint/snmp-v3-checkpoint-monitoring
But our 4.0.9 is not compatible with this template.
Do you have instructions for:
https://share.zabbix.com/network_devices/cat-checkpoint/checkpoint-vpn-1-3.4
Or guide how to load Check Point MIB files to Zabbix?
Thank you in advance.
Best Regards.
@John_Fleming might know.
However it’s a probably a question for the relevant Zabbix forum.
The MIB files are located in $FWDIR/lib/snmp on the gateways/management. 
Also why is this posted in the SMB space?
FYI - The checkpoint mibs are kind of limited and doesn't take into account how tunnel management is handled. Your best option to have true visibility is to make sure VPN tunnel is set to 1 tunnel per peer. Once you have this you can truely show VPN is up or down per peer.
The details are there isn't a way to say "between these two peers is there a vpn up from this subnet/host to this subnet/host up?". You could get into a place where part of the VPN is working and part of it isn't but zabbix would see it as working. With one vpn per peer you know its always up or down and zabbix (really snmp) will show the correct info.
I haven't used those templates. We just looked up the VPN mibs and added them to zabbix.
"I haven't used those templates. We just looked up the VPN mibs and added them to zabbix."
Hello, John Fleming thank you for your answer.
Could you tell me how to import Mib files to Zabbix?
There is a version signature in CHECKPOINT-MIB:
checkpoint MODULE-IDENTITY
LAST-UPDATED "201312261309Z"
ORGANIZATION "Check Point"
CONTACT-INFO "Check Point"
DESCRIPTION "Check Point MIB
See the most common OIDs, with detailed descriptions, in the SNMP Best Practices Guide - sk98552
(https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...)"
REVISION "201312261309Z"
DESCRIPTION "Update the SMIv1 MIB to SMIv2"
::= { enterprises 2620 }
I can't remember which one I am using on our Zabbix server but I can check later on.
@Taner You need to copy MIB file to /usr/local/share/snmp/mibs/ and specify this path in snmp config:
# cat /etc/snmp/snmp.conf
# As the snmp packages come without MIB files due to license reasons, loading
# of MIBs is disabled by default. If you added the MIBs you can reenable
# loading them by commenting out the following line.
#mibs :
mibdirs +/usr/local/share/snmp/mibs
And of course make sure snmpd is running.
Search for CP_SNMP_BestPracticesGuide.pdf on CheckPoint site. It is really helpful. Page 24 is what you are looking for.
Thank you Hristo Grigorov.
I will check.
Hello Hristo Grigorov,
But we are talking about SNMP V3 MIBS.
I will appreciate it a lot if it's possible to check exactly which files to where should be copied.
What has MIB file to do with SNMP protocol version ? All you need to copy is CHECKPOINT-MIB and eventually CHECKPOINT-MIB-TRAP.
Hello Hristo Grigorov,
In my Zabbix it's different.
I don't have this config file:
 /etc/snmp/snmp.conf 
I find:
/usr/share/snmp/mibs
And I find:
/etc/snmp/snmpd.conf
Is it possible my snmp version does not support SNMP v3?
The OS is CentOS Linux release 7.6.1810 (Core)
Yeah, you may drop MIB file in that location and don't forget to restart snmpd after that. I don't like to mess with OS default folders hence why I put mine in local one. Anyway, it is best to check CentOS docs on how to properly configure SNMP daemon. Can't help with this, Debian here.
Which mib files I should use from the Check Point Web site for GAIA Checkpoint R80.30 ?
(Check Point Products chkpnt.mib)(Check Point Traps chkpnt-trap.min)(Gaia OS Traps is this the right file? GaiaTrapsMIB.mib)
net-snmp-config --version
5.7.2
net-snmp-config --snmpconfpath
/etc/snmp:/usr/share/snmp:/usr/lib64/snmp:/root/.snmp:/var/lib/net-snmp
chkpnt.mib, but add them all.
chkpnt.mib <- this is for polling. NMS Asking your firewall fire stuff.
chkpnt-trap.mib / GaiaTrapsMIB.mib <- these are for Trap, Firewall telling your NMS something just happened without being asked.
For checking VPN tunnels which is the right MIB file?
And the most important question, how I can load the new MIB file in the SNMP daemon?
Now I read this:
http://net-snmp.sourceforge.net/wiki/index.php/TUT:Using_and_loading_MIBS
But:
# Access Control
################################################## #############################
mibs +GaiaTrapsMIB.txt
/etc/snmp/snmpd.conf: line 18: Warning: Unknown token: mibs.
Where I am wrong?
The OS is CentOS Linux release 7.6.1810 (Core)
net-snmp-config --version
5.7.2
net-snmp-config --snmpconfpath
/etc/snmp:/usr/share/snmp:/usr/lib64/snmp:/root/.snmp:/var/lib/net-snmp
John_Fleming do you know the right syntax to check snmpwalk v3?
snmpwalk -v3 -l authPriv -u USERNAME -a MD5 -A PASSWORD -x AES -X PASSWORD GW2_HostName_or_IP_Address OID
I received these credentials:
Security Level - authPriv
User Permissions - read-only
Authentication protocol - MD5
Privacy Protocol - AES
Authentication passphrase and Privacy passphrase
If the Check Point IP address is 192.168.1.100?
I don't have username for the Check Point device.
You would need to configure an snmp username/password on the appliance in question.
That's a requirement for SNMPv3.
v2 and v3 use the same mibs. v3 just adds stronger authentication to snmp.
yeah it depends on how net-snmp is installed and snmp.conf is setup and containers bla bla bla.
This is pretty close to ours. Ours is installed in container so in our case its in the dir we mapped to the volume but that happens to be /usr/share/mibs/ in the container.
John_Fleming you are right.
How I can easily check which version is my SNMP?
Hello PhoneBoy,
Thank you for your fast response.
The MIB files from the local device and from the website of the Check Point what is the difference?
I posted the topic here because I did see another topic but for SNMP V2 in this section.
 
Hello John_Fleming  could you share your experience regarding the topic?
Honestly, someone from checkpoint would need to explain. My guess is the mib file on the gateway is the mib file based on release date where as the mib file on the website could in theory be more up to date.
They should basically be the same, but I would pull the gateway one and the website one and diff them to see whats different. I don't recall there being any version info in the mib files in either place but I could be wrong.
Hello John, do you have time to show me how to load Mib files in the Zabbix server?
Unless the gateways involved are SMB, it’s probably more of a Management question 🙂
The SNMP files in SK and the ones on the gateway are likely the same.
Don’t believe we’ve changed the MIBs in quite some time.
PhoneBoy I am on the two fronts between Check Point Community and Zabbix, if I can find and MIB creator I want to send him to the prison, why this task is soooo complicated to load the MIB files in the SNMP Daemon, I want to find and Cent OS community to wash them with cold water 😄
 
					
				
				
			
		
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count | 
|---|---|
| 22 | |
| 16 | |
| 7 | |
| 6 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | 
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 11:00 AM (EDT)
Tips and Tricks 2025 #15: Become a Threat Exposure Management Power User!About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY