Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
coskun_sanli
Participant

vpn community

Hello
how to notice  vpn community down/up via mail on R80.10

thank you

4 Replies
Marco_Valenti
Advisor

Easy way - you can monitor the state of a tunnel on your security gateway  through snmp and then with your monitoring software send an email

Hard way - probably with an user defined event in smart event  it is possible to achieve this but I'm not sure about that

Zach_Rack
Contributor

Marco ,That's exactly what we did .we leveraged sk63663 (to monitor VPN tunnels using SNMP ).

and we have already in place Network monitor software ; to watch and monitor any SNMP status ,and if there's something wrong with the VPN tunnel it would send an alert (email,text...etc) .

I'm not sure if Checkpoint Smart-event has the same capability to do the same function.

Marco_Valenti
Advisor

we use it for install policy if you get some error in phase1 probably you can define a user defined event but it's a lot more hard , despite that I did not have good result with snmp monitoring with few false positive so we decided to live without it users are usually faster anyway 

Timothy_Hall
Legend Legend
Legend

One other option if both gateways are Check Point devices is to enable Permanent Tunnels (essentially Check Point's version of Dead Peer Detection) in the VPN community object, then set the "Tunnel Down" track to SNMP Trap or Mail Alert as shown here:

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events