the_rock
Legend

Monitoring VPN tunnels

Hey guys,

I know there were a few posts about this before, but here is what I'm looking for. I know many methods you can use to check the status of the tunnel itself, with tcpdump on proto 50, vpn tu options, sv monitor etc., but those are all manual methods. What I'm after is an automatic method that would alert a customer if there is an issue with the tunnel.

I get the options inside the community under tunnel management you can set to tunnel down and up for different actions, but I wonder if there is anything more intuitive (for lack of a better term) that can be set up.

Thanks as always for any suggestions.

Best,

Andy

53 Replies
the_rock
Legend

Do you need to add both cp and peer external IP or just peer?

0 Kudos
Blason_R
Leader

Just your CP

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
the_rock
Legend

Let me test it tomorrow and will update on the results.

Thank you very much.

Best,

Andy

0 Kudos
the_rock
Legend

Will test this shortly in an Azure lab with my colleague and update.

Best,

Andy

0 Kudos
the_rock
Legend

Just to let you know, I was able to install that software you mentioned on a Linux machine, but then when adding my cluster IP to monitor, it was complaining about connectivity (not sure why), but I will look into it more some time this week. It's not too important atm, as we can easily use a SIEM solution to set this up.

Best,

Andy

0 Kudos
the_rock
Legend

Hey @Blason_R 

I was able to get this installed in a Linux lab and it looks good! My colleague informed me that the Azure side is having some issue, hence the tunnel shows as down at the moment. Check mk is very cool.

Thanks again, below is the screencap I took from it.

Andy

Screenshot_1.png

0 Kudos
Blason_R
Leader

That's correct!! And excellent work, dude

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
the_rock
Legend

Thanks 🙂

Let's see if I can figure out why the tunnel shows as down from the CP side, as my colleague said Azure shows connected and the graph shows traffic and the same shows via vpn tu on my end, but sv monitor keeps saying down...weird.

Andy

0 Kudos
the_rock
Legend

K, all good now! I had to change the tunnel to regular instead of permanent, modify a rule and change some stuff in the tunnel management tab in the community...it is a lab after all lol

Best,

Andy

 

Screenshot_2.png

0 Kudos
Arthas
Explorer

Can you help me configure Check Point VPNs with check_mk?

0 Kudos
Blason_R
Leader

Are you asking about how to add devices in check_mk? Or any specific OID?

You just need to enable SNMP on the firewall

Allow access

Log in to check_mk, go to Setup -> Hosts -> Add Host - add the IP address - select check_mk Agent/API Integrations -> and from the drop-down select No API Integrations/No checkmk agent

Enable SNMP and SNMP Credentials and enter the community

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
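
Added example, not part of the original posts and not check_mk's own code: a Python check of the kind the SNMP setup above enables, which parses `snmpwalk -On` output and flags any tunnel that is not active, or an agent that returns no tunnel rows at all. The OID `.1.3.6.1.4.1.2620.500.9002.1`, its columns and the state values are assumed from Check Point's CHECKPOINT-MIB; the sample output is constructed.

```python
import re

# Assumed from Check Point's CHECKPOINT-MIB: tunnelTable entry OID, its first
# three columns, and the tunnelState enum. Not taken from the thread.
TUNNEL_ENTRY = ".1.3.6.1.4.1.2620.500.9002.1"
COLUMNS = {"1": "peer_ip", "2": "peer_name", "3": "state"}
STATES = {3: "active", 4: "destroy", 129: "idle", 130: "phase1", 131: "down", 132: "init"}
LINE = re.compile(r"^(\.[\d.]+) = (\w+): (.*)$")

def parse_tunnel_table(walk_text):
    """Turn `snmpwalk -On` text into {row_index: {peer_ip, peer_name, state}}."""
    rows = {}
    for line in walk_text.splitlines():
        m = LINE.match(line.strip())
        if not m or not m.group(1).startswith(TUNNEL_ENTRY + "."):
            continue  # other OIDs, or a "No Such Object" answer
        column, _, index = m.group(1)[len(TUNNEL_ENTRY) + 1:].partition(".")
        if column not in COLUMNS or not index:
            continue
        value = m.group(3).strip().strip('"')
        if column == "3":
            num = re.search(r"(\d+)\)?$", value)  # "131" or "down(131)"
            value = int(num.group(1)) if num else None
        rows.setdefault(index, {})[COLUMNS[column]] = value
    return rows

def evaluate(walk_text):
    """UNKNOWN if the agent exposes no tunnel rows, CRIT if any tunnel is not active."""
    rows = parse_tunnel_table(walk_text)
    if not rows:
        return "UNKNOWN", ["no tunnelTable rows in SNMP answer"]
    bad = [
        f"{r.get('peer_name', '?')} {r.get('peer_ip', '?')}: {STATES.get(r.get('state'), 'unknown')}"
        for _, r in sorted(rows.items())
        if r.get("state") != 3
    ]
    return ("CRIT", bad) if bad else ("OK", [])

# Constructed sample output (documentation IP ranges), not captured from a real gateway.
SAMPLE_WALK = """\
.1.3.6.1.4.1.2620.500.9002.1.1.203.0.113.10.0 = IpAddress: 203.0.113.10
.1.3.6.1.4.1.2620.500.9002.1.2.203.0.113.10.0 = STRING: "peer-a"
.1.3.6.1.4.1.2620.500.9002.1.3.203.0.113.10.0 = INTEGER: 3
.1.3.6.1.4.1.2620.500.9002.1.1.198.51.100.7.0 = IpAddress: 198.51.100.7
.1.3.6.1.4.1.2620.500.9002.1.2.198.51.100.7.0 = STRING: "peer-b"
.1.3.6.1.4.1.2620.500.9002.1.3.198.51.100.7.0 = INTEGER: down(131)
"""

if __name__ == "__main__":
    print(evaluate(SAMPLE_WALK))
```
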
Arthas
Explorer

I added the Check Point device but I don't have services about the status of VPN tunnels

0 Kudos
the_rock
Legend

I did this a while ago and it worked fine...let me see if I can find exactly how.

Andy

0 Kudos
Arthas
Explorer

Can we talk by mail?

0 Kudos
the_rock
Legend

Sure, but all you need to do is what @Blason_R advised and it will show up in check-mk.

Andy

0 Kudos
Arthas
Explorer

I added the Check Point with SNMP, but I don't have items about VPN tunnels

0 Kudos
the_rock
Legend

Where are you located? I'm in Canada EST, so it's 7 am here. I can help you around 8 am, which would be 12 pm UK time.

Andy

0 Kudos
Arthas
Explorer

I'm in Kazakhstan, UTC +5:00, it's 6:00 pm. Can you help me after 3 hours? I'll send a link for Zoom in a private message

0 Kudos
the_rock
Legend

Only for the next hour, sorry.

0 Kudos
Arthas
Explorer

Can you help tomorrow 12:00 pm UTC +5?

0 Kudos
the_rock
Legend

I'm in EST, so that would not work, sorry. I'm usually good from 7-8.30 am EST or after 5 pm EST

Andy

0 Kudos
Arthas
Explorer

OK, I will wait

0 Kudos
the_rock
Legend

Hey @Arthas 

Thanks a lot for the Zoom earlier today, appreciated. So, I installed check mk in the lab, and I emailed you the screenshot to the email you gave me. I really have a gut feeling you don't see it because it's SMB, but not 100% positive, maybe someone else can confirm for sure. For what it's worth, I also added a custom SNMP trap in the web UI of my lab fw as below.

Screenshot_2.png

Andy

AlekzNet
Contributor

This is what I did. I configured Zabbix to ping through the tunnel. No response - any kind of alerts.

0 Kudos