Skip to main content

Monitoring VPN Tunnels

By
We can do Monitoring VPN Tunnel using Checkpoint itself

We have many tunnels on our checkpoint is being used enterprise wide. I was not found any application or monitoring mechanism for vpn tunnel Monitoring. whenever tunnel goes down, we come to know only if partner or any team complains. So The solution I find this one to monitor vpn tunnels.

Here is the way

1)    We are using Check Point gateways on both sides of the VPN, the best way to do this is to set Permanent Tunnels in the VPN Community. On the "Tunnel Management" screen of the VPN community we can set up automatic Emails/SNMP Traps for when the tunnel falls down and can't get back up. Once again permanent tunnels only works between Check Point gateways.

2)    If the remote firewalls are not Check Point, the best we can do under "Global Properties > Log and Alert" is to set "VPN Configuration & Key Exchange Errors" & "VPN Packet Handling Errors" to an Email/SNMP Trap to notify us if a tunnel fails.


Comments

Post a Comment

Popular posts from this blog

Duplicate IP Address has been Detected Rule

By
A duplicate IP address has been detected on the network Rule Knowledgebase Summary This rule generates an alert when Windows® detects that he local machine’s IP address is in conflict with one or more identical IP addresses on the network. Until the IP address conflict is resolved, remote clients and applications may have difficulty accessing resources on any of the effected computers. Additionally, the local computer may not be able to access network resources. Related Events This rule generates an alert whenever the following events occur and are recorded in the System Event Log: The system detected an address conflict for IP address %2 with the system having network hardware address %3. The local interface has been disabled. Source: TCPIP; Event ID: 4198; The system detected an address conflict for IP address %2 with the system having network hardware address %3. The local interface has been disabled. Source: TCP...
1 comment
Read more

Schedule Automatic backup config in Cisco Nexus

By
Schedule Automatic backup config in Cisco Nexus Nexus-Sw1(config)#feature scheduler   //Enable scheduler service in Nexus Nexus-Sw1(config)#scheduler job name backup-daily      // Job Name Nexus-Sw1(config)#scheduler aaa-authentication username abcd password abcd@123     // AAA - Authentication for Job created above (If AAA configured) Nexus-Sw1(config)#scheduler job name backup-daily copy running-config tftp://192.168.1.23/$(SWITCHNAME)-cfg.$(TIMESTAMP)         //IP of TFTP SERVER , file will saved with switch name and timestamp exit Nexus-Sw1(config)#scheduler schedule name backup-daily   // Setup Schedule to run for the JOB Nexus-Sw1(config-schedule)# time ?   daily    Specify a daily schedule   monthly  Specify a monthly schedule   start    Specify a future time schedule   weekly   Specify a weekly schedule...
Post a Comment
Read more

VMware CPU and Memory Reservations: Fixing Insufficient resources to satisfy configured failover level for HA

By
Source Knowledge From :-  http://geekswing.com/geek/vmware-cpu-and-ram-reservations-fixing-insufficient-resources-to-satisfy-configured-failover-level-for-ha/ VMware CPU and Memory Reservations: Fixing Insufficient resources to satisfy configured failover level for HA This post comes from a few days of poring over manuals as well as some technical support. This is a good one. The error came from trying to power on a VM in our VMware cluster and we would get these errors: “Insufficient resources to satisfy configured failover level for HA” And this alert on our cluster “Insufficient resources to satisfy HA failover level on cluster vmCluster in vmTST” Our way of thinking was we had to power one off to power another one on. But that didn’t work. Here we is the actual solution. (p.s. Great VMware HA education for me on this one!) PROBLEM SOURCE: VMware HA is turned on and you are violating constraints VMware HA is turned on, and you have i...
1 comment
Read more