Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Roee
Explorer

Tunnel monitoring shows tunnel is down although tunnel is working

Hello,

I use Checkpoint 6000 appliance version R80.40.

I've created VPN site-to-site tunnel with AWS.

Traffic is going through the tunnel properly and AWS say both tunnels are UP but looking at Checkpoint monitoring it says tunnel are down.

Anyone is familiar with this scenario? any way to resolve?

 

Thanks

 

Roee

cp_side.png

aws_side.png

0 Kudos
4 Replies
the_rock
Legend
Legend

Im fairly sure its cosmetic...I see this all the time, both in production and lab as well. I find that even if you do cpstop; cpstart or reboot the mgmt server, sometimes that would fix it, but half the time it wont. Eventually, it shows green without any intervention.

Best,

Andy

Lesley
Leader Leader
Leader

You have configured permanent tunnels. This works with DPD that is not working atm (that why it shows down).

This SK could help:

https://support.checkpoint.com/results/sk/sk170614

So fix the DPD and status will be up 

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
the_rock
Legend
Legend

Just out of curiosity, I checked this setting for one client we have that has 7 tunnels to Azure (all permanent) and interoperable objects are all set to DPD and issue is still there, just randmoly shows some tunnels as down, though they are all up.

Then you log into S1C the next day or few hours later, all of them are green, without any changes done.

Im fairly positive its cosmetic issue, we were told the same by TAC more than once.

Best,

Andy

the_rock
Legend
Legend

Just to update you, we currently have TAC case for same customer with S1C instance and though we can clearly see tunnel is up based on tcpdump commands we did, sv monitor keeps showing its down. They say its cosmetic and I believe that is most likely true, but I will call later to see if there is any way to fix that.

Will let you know what they say.

Best,

Andy

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events