Monitoring Tunnels
Tunnels Solution
VPN Tunnels are secure links between Security Gateways and ensure secure connections between an organization's gateways and remote access clients.
Once Tunnels are created and put to use, you are able to keep track of their normal function, so that possible malfunctions and connectivity problems can be accessed and solved as soon as possible.
To ensure this security level, SmartView Monitor can recognize malfunctions and connectivity problems by constantly monitoring and analyzing the status of an organizations Tunnels. With the use of Tunnel views, you can generate fully detailed reports that include information about all the Tunnels that fulfill the specific Tunnel views conditions. With this information it is possible to monitor Tunnel status, the Community with which a Tunnel is associated, the gateways to which the Tunnel is connected, etc. The following represent the two Tunnel types:
- A Regular tunnel refers to the ability to send encrypted data between two peers. The Regular tunnel is considered "up" if both peers have Phase 1 and Phase 2 keys.
- Permanent tunnels are constantly kept active and as a result it is easier to recognize malfunctions and connectivity problems. With Permanent tunnels administrators can monitor the two sides of a VPN tunnel and identify problems without delay.
Each VPN tunnel in the community can be set as a Permanent tunnel. Since Permanent tunnels are constantly monitored. A log, alert, or user defined action can be issued when the VPN tunnel is down.
Permanent tunnels can only be established between Check Point gateways. The configuration of Permanent tunnels takes place on the community level and:
- can be specified for an entire community. This option sets every VPN tunnel in the community as permanent.
- can be specified for a specific gateway. Use this option to configure specific gateways to have Permanent tunnels.
- can be specified for a single VPN tunnel. This feature allows configuring specific tunnels between specific gateways as permanent.
This table shows the possible Tunnel states and their significance to a Permanent or Regular Tunnel.
State
|
Permanent Tunnel
|
Regular Tunnel
|
Up
|
The tunnel is functioning and the data can flow with no problems.
|
Both IDE SA (Phase 1) and IPSEC SA (Phase 2) exist with a peer gateway.
|
Destroyed
|
The tunnel is destroyed.
|
The tunnel is destroyed.
|
Up Phase1
|
Not relevant
|
Tunnel initialization is in process and Phase 1 is complete (that is, IKE SA exists with cookies), but there is no Phase 2.
|
Down
|
There is a tunnel failure. You cannot send and receive data to or from a remote peer.
|
Not relevant.
|
Up Init
|
The tunnel is being initialized.
|
Not relevant.
|
Gateway not Responding
|
The gateway is not responding.
|
The gateway is not responding.
|
Tunnel View Updates
If a Tunnel is deleted from SmartDashboard, the Tunnel Results View shows the deleted Tunnel for an hour after it was deleted.
If a community is edited, the Results View shows removed tunnels for one hour after they were removed from the community.
Running Tunnel Views
When a Tunnel view is run the results appear in the SmartView Monitor client. A Tunnel view can be run:
- from an existing view
- by creating a new view
- by changing an existing view
A Tunnels view can be created and run for
- Down Permanent Tunnels
- Permanent Tunnels
- Tunnels on Community
- Tunnels on Gateway
Run a Down Tunnel View
Down Tunnel view results list all the Tunnels that are currently not active.
- In the SmartView Monitor client, click the Tunnels branch in the Tree View.
- In the Tunnels branch, (Custom or Predefined) double-click the Down Permanent Tunnel view.
A list of all the Down Tunnels associated with the selected view's properties appears.
Run a Permanent Tunnel View
Permanent Tunnel view results list all the existing Permanent Tunnels and their current status.
A Permanent Tunnel is a Tunnel that is constantly kept active.
- In the SmartView Monitor client, click the Tunnels branch in the Tree View.
- In the Tunnels branch, double click the Custom Permanent Tunnel view that you would like to run.
A list of all the Permanent Tunnels associated with the selected view's properties appears.
Run a Tunnels on Community View
Tunnels on Community view results list all the Tunnels associated with a selected Community.
- In the SmartView Monitor client, click the Tunnels branch in the Tree View.
- In the Tunnels branch (Custom or Predefined), double-click the Tunnels on Community view.
A list of all Communities appears.
- Select the Community whose Tunnels you would like to monitor.
- Select OK.
A list of all the Tunnels associated with the selected Community appears.
Run a Tunnels on Gateway View
Tunnels on Gateway view results list all the Tunnels associated with a selected Gateway.
- In the SmartView Monitor client, click the Tunnels branch in the Tree View.
- In the Tunnels branch (Custom or Predefined) double-click the Tunnels on Gateway view.
A list of all the gateways appears.
- Select the gateway whose Tunnels and their status you would like to see.
- Select OK.
A list of all the Tunnels associated with the selected gateway appears.
|
