Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
the_rock
Authority
Authority

How to clearly see uptime and throughput of a VPN tunnel

Hello everyone,

 

I read some older forums about vpn tunnel uptime, but not clear answer how to view it exactly. Is there a command or somewhere in SV monitor where you can clearly tell uptime of a vpn tunnel and actual throughput?

 

Tx

 

Andy

3 Replies
the_rock
Authority
Authority

If anyone is interested, this is what TAC responded:

 

1) Is there any way to actually see uptime of a tunnel?
No there is no uptime that you could see for the tunnels. The best way to identify that is be looking at the log in smart console for the VPN key install and seeing how much time has passed. 
details on the tunnels established can be found from cli with the command "vpn tu tlist" but that does not include uptime

2) Also, by similar method, can you actually see the tunnel throughput at all?
Using the "vpn tu tlist" command you can turn on the tunnel list volume statistics with "vpn tu tlist start" and show the statistics with "vpn tu tlist state"
Other flags can be found in the CLI Reference Guide: https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_CLI_ReferenceGuide/Topics-CL...

0 Kudos
PhoneBoy
Admin
Admin

I don’t think we explicitly track when a VPN tunnel “goes up.”
We do keep track of the current timers on SA timers.

Likewise, I don’t think we track current bandwidth used in a tunnel, only bytes transferred.

I suspect what you’re after would be an RFE.

0 Kudos

Real-time measurement of VPN tunnels may impact firewall performance. Best is to install external Netflow traffic monitoring tool and feed it with with data from gateway. 

Tunnel state largely depends on its type - permanent or regular. For regular tunnels there is no such state as Down and neither there is state Up in the same way as it is for permanent tunnels. You can probably utilize SNMP monitoring to track what time tunnel changed state to Up or Down and calculate difference and from there uptime.

0 Kudos