Question

Checkpoint IPsec Tunnel Monitoring.

  • 30 May 2023
  • 8 replies
  • 96 views
N
Rank
Userlevel 1
Badge

Hi all,

Is anyone using the LM to Monitor IPSec Tunnel monitoring?  if so, are you using the custom OID

 

8 replies

Stuart Weenig
Rank
Userlevel 7
Badge +18

I don’t know what custom OID you might be referring to, but we do have some significant customizations to that DS.

  1. We have modified the script to add another output to detect if the device is a standby device. 
  2. We created a datapoint to store that:
  3. Then we modified the TunnelActiveTime_Seconds datapoint:

This might not be what you are looking for, but it helped us reduce alerts for when a secondary unit was offline.

Rebuilding my stuff here: https://github.com/sweenig/lm http://bit.ly/sweenigresume
T
Rank
Userlevel 3
Badge +2

Hello Nishil, can you confirm the device type and vendor in which the IPSec tunnels are configured?

LM Community Champion
N
Rank
Userlevel 1
Badge

@tswisdom -  The device type is the Firewall and Vendor is the Checkpoint.

N
Rank
Userlevel 1
Badge

@Stuart Weenig - I was reading the Checkpoint article it mention about to monitor state of the VPN tunnel via SNMP OID 1.3.6.1.4.1.2620.500.9002.1.3 and SNMP OID 1.3.6.1.4.1.2620.500.9003.1.3.  I don’t think those OID is added in the Checkpoint core. 

Here the link for the article.

https://support.checkpoint.com/results/sk/sk63663

Stuart Weenig
Rank
Userlevel 7
Badge +18

If you have the OIDs, have you attempted to build the DS yourself?

Rebuilding my stuff here: https://github.com/sweenig/lm http://bit.ly/sweenigresume
T
Rank
Userlevel 3
Badge +2

Much obliged Nishil,

Evaluating our core Checkpoint modules, it doesn’t appear we’re currently capturing IPSec Tunnel data, nor do we have a generic IPSec Tunnel module. I also evaluated community modules in the exchange, and didn’t surface anything that’d collect this data. With that said, given you already have the appropriate OID’s, you should certainly be able to capture the data via custom datasource, we touch on how to do so here. You may also wish to take a moment to submit feedback through your portal requesting IPSec Tunnel Monitoring be added for Checkpoint devices.

Warm regards,
Tyler Wisdom

LM Community Champion
Eric H
Rank
Userlevel 2
Badge +2

There’s also a quick 7min video tutorial on making an SNMP DataSource in our LearningBytes training series here…

Learning Byte: Making an SNMP DataSource
https://academy.logicmonitor.com/making-an-snmp-datasource/1329215 

Eric Hale | Technical Support Engineer II | LM Community Champion
Stuart Weenig
Rank
Userlevel 7
Badge +18

Ug, the sign in process to get to the academy. So broken, especially if you have SSO configured. Please tell me the advances made with the multi-SSO platform will provide a single login page with Skilljar redirection built in.

Rebuilding my stuff here: https://github.com/sweenig/lm http://bit.ly/sweenigresume

Reply


Terms & ConditionsCookie settings