This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
the_rock
Legend
Legend
‎2024-02-07 05:37 AM
Jump to solution

Monitoring VPN tunnels

Hey guys,

I know there were few posts about this before, but here is what Im looking for. I know many methods you can check the status of the tunnel itself, with tcpdump on proto 50, vpn tu options, sv monitor etc, but those are all manual methods. What Im after is automatic method that would alert a customer if there is an issue with the tunnel.

I get the options inside the community under tunnel management you can set to tunnel down and up for different actions, but I wonder if there is anything more intuitive (for the lack of better term) that can be set up.

Thanks as always for any suggestions.

Best,

Andy

0 Kudos
36 Replies
the_rock
Legend
Legend
‎2024-02-12 07:52 PM
In response to Blason_R
Jump to solution

Let me test it tomorrow and will update on the results.

Thank you very much.

Best,

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-02-13 06:20 AM
In response to Blason_R
Jump to solution

Will test this shortly in Azure lab with my colleague and update.

Best,

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-02-13 06:12 PM
In response to Blason_R
Jump to solution

Just to let you know, I was able to install that software you mentioned on Linux machine, but then when adding my cluster IP to monitor, it was complaining about connectivity (not sure why), but I will look into it more some time this week. Its not too important atm, as we can easily use SIEM solution to set this up.

Best,

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-02-14 06:28 AM
In response to Blason_R
Jump to solution

Hey @Blason_R 

I was able to get this installed in Linux lab and looks good! My colleague informed me that Azure side is having some issue, hence tunnel shows as down at the moment. Check mk is very cool.

Thanks again, below is creencap I took from it.

Andy

 

Screenshot_1.png

0 Kudos
Blason_R
Leader
Leader
‎2024-02-14 07:06 AM
In response to the_rock
Jump to solution

Thats Correct!! and excellent work Dude

 

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
the_rock
Legend
Legend
‎2024-02-14 07:16 AM
In response to Blason_R
Jump to solution

Thanks 🙂

Lets see if I can figure out why tunnel shows as down from CP side, as my colleague said Azure shows connected and graph shows traffic and same shows via vpn tu on my end, but sv monitor keeps saying down...weird.

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-02-14 08:00 AM
In response to Blason_R
Jump to solution

K, all good now! I had to change tunnel to regular instead of permanent, modify a rule and change some stuff in tunnel management tab in community...it is a lab after all lol

Best,

Andy

 

Screenshot_2.png

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events