Monitoring VPN tunnel down events with SNMP
52106
Created On 09/25/18 19:54 PM - Last Modified 06/09/23 07:35 AM
Symptom
Resolution
As a workaround we can rely on Syslog server and the logs we send to it.
Steps:
- Configure Tunnel Monitor feature on the firewall.
- Configure syslog server.
- Configure Device > Log Setting > System to send logs to Syslog server.
- When tunnel monitor fails firewall generates the following message in the system log:
Time Severity Subtype Object EventID ID Description
===============================================================================
2015/11/15 13:24:34 low vpn <object name> tunnel- 0 Tunnel <tunnel name> is down - Syslog server receives "tunnel down" message
- After IPSec tunnel is brought up tunnel interface also goes up and a new message "tunnel is UP" is generated in system logs
- Newly generated log is sent to the Syslog server.