Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-24984

Issue with discovering more than 10 VPN tunnels in Check Point Next Generation Firewall by SNMP template

XMLWordPrintable

    • Icon: Incident report Incident report
    • Resolution: Unresolved
    • Icon: Trivial Trivial
    • None
    • None
    • Templates (T)
    • Ubuntu 22.04 Server / Proxy, Zabbix 7.0, Checkpoint R81.20

      Issue:

      When performing an a discovery of VPN tunnels for the Check Point Next Generation Firewall by SNMP template. The number of VPN tunnels returned is linked to the Max repetition count value, meaning that when you have more VPN tunnels than you are able to specify max repetitions, not all VPN tunnels are discovered.

      Steps to reproduce:

      1. Assign the Template "Check Point Next Generation Firewall by SNMP" to device
      2. Configure SNMPv3 for device
      3. Go to device Discovery, "Check Point: SNMP walk VPN tunnels"
      4. Click Test
      5. Run Test and check results

      Result:

      Number of VPN tunnels displayed is equal to the Max repetition count. For example, setting the max repetition count to 10 will return 10 tunnels, setting to 30 will return 30 tunnels. Setting any higher produces an "SNMP error: (genError) A general failure occured" error message. See screenshots.

      Expected:
      When running "snmpbulkwalk" with the same configuration and the Max repetitions value set to 10, all VPN tunnels are returned (in our instance 60 VPN tunnels).

      Running an "snmpbulkwalk" with the same configuration and the Max repetitions value set to 31, will produce the same SNMP error: (genError) A general failure occured" error message. as expected.

        1. image-2024-08-20-16-24-35-989.png
          104 kB
          Luke Warren
        2. image-2024-08-20-16-25-51-266.png
          118 kB
          Luke Warren
        3. snmpbulkwalk_all_tunnels.png
          583 kB
          Luke Warren
        4. snmpbulkwalk_no_tunnels.png
          55 kB
          Luke Warren
        5. zabbix_10_results.png
          136 kB
          Luke Warren
        6. zabbix_20_results.png
          127 kB
          Luke Warren
        7. zabbix_40_results.png
          48 kB
          Luke Warren
        8. zabbix_proxy_obscured.log
          2.24 MB
          Luke Warren

            MVekslers Michael Veksler
            lwarren-criticalis Luke Warren
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - Not Specified
                Not Specified
                Logged:
                Time Spent - 4h
                4h