Wednesday, January 25, 2023

How to Monitor Checkpoint VPN Concurrent Users

 Here is steps to monitor Checkpoint VPN concurrent user using SNMP (Cacti)

1. I'm using Cacti version 1.2.15

2. Here is the screenshot



3. Attached Cacti Template, import this template into your cacti

-------------------

<cacti>

<hash_000102076d1b2d114314e9557b44e14cf090dd>

<name>VPN - Connected Users</name>

<graph>

<t_title></t_title>

<title>|host_description| - Connected Users</title>

<t_vertical_label></t_vertical_label>

<vertical_label>No of Users</vertical_label>

<t_image_format_id></t_image_format_id>

<image_format_id>1</image_format_id>

<t_height></t_height>

<height>120</height>

<t_width></t_width>

<width>800</width>

<t_base_value></t_base_value>

<base_value>1</base_value>

<t_slope_mode></t_slope_mode>

<slope_mode>on</slope_mode>

<t_auto_scale></t_auto_scale>

<auto_scale>on</auto_scale>

<t_auto_scale_opts></t_auto_scale_opts>

<auto_scale_opts>2</auto_scale_opts>

<t_auto_scale_log></t_auto_scale_log>

<auto_scale_log></auto_scale_log>

<t_scale_log_units></t_scale_log_units>

<scale_log_units></scale_log_units>

<t_auto_scale_rigid></t_auto_scale_rigid>

<auto_scale_rigid></auto_scale_rigid>

<t_upper_limit></t_upper_limit>

<upper_limit>10000</upper_limit>

<t_lower_limit></t_lower_limit>

<lower_limit>0</lower_limit>

<t_unit_value></t_unit_value>

<unit_value></unit_value>

<t_unit_exponent_value></t_unit_exponent_value>

<unit_exponent_value></unit_exponent_value>

<t_unit_length></t_unit_length>

<unit_length></unit_length>

<t_no_gridfit></t_no_gridfit>

<no_gridfit></no_gridfit>

<t_alt_y_grid></t_alt_y_grid>

<alt_y_grid></alt_y_grid>

<t_right_axis></t_right_axis>

<right_axis></right_axis>

<t_right_axis_label></t_right_axis_label>

<right_axis_label></right_axis_label>

<t_right_axis_format></t_right_axis_format>

<right_axis_format>0</right_axis_format>

<t_right_axis_formatter></t_right_axis_formatter>

<right_axis_formatter>0</right_axis_formatter>

<t_left_axis_formatter></t_left_axis_formatter>

<left_axis_formatter>0</left_axis_formatter>

<t_auto_padding></t_auto_padding>

<auto_padding>on</auto_padding>

<t_dynamic_labels></t_dynamic_labels>

<dynamic_labels></dynamic_labels>

<t_force_rules_legend></t_force_rules_legend>

<force_rules_legend></force_rules_legend>

<t_tab_width></t_tab_width>

<tab_width>30</tab_width>

<t_legend_position></t_legend_position>

<legend_position>0</legend_position>

<t_legend_direction></t_legend_direction>

<legend_direction>0</legend_direction>

</graph>

<items>

<hash_100102f9087bbc3a33e6001a146f27a1b8fb94>

<graph_type_id>7</graph_type_id>

<task_item_id>hash_0801028be0de000ffa5df12bf6e211194d90fb</task_item_id>

<color_id>FFFF00</color_id>

<alpha>FF</alpha>

<consolidation_function_id>1</consolidation_function_id>

<cdef_id>0</cdef_id>

<vdef_id>0</vdef_id>

<shift></shift>

<value></value>

<gprint_id>hash_060102e9c43831e54eca8069317a2ce8c6f751</gprint_id>

<textalign></textalign>

<text_format>Connections</text_format>

<hard_return></hard_return>

<line_width>0.00</line_width>

<dashes></dashes>

<dash_offset>0</dash_offset>

<sequence>1</sequence>

</hash_100102f9087bbc3a33e6001a146f27a1b8fb94>

<hash_1001022daad84124129e57ebdc72c8a3fcfb42>

<graph_type_id>9</graph_type_id>

<task_item_id>hash_0801028be0de000ffa5df12bf6e211194d90fb</task_item_id>

<color_id>0</color_id>

<alpha>FF</alpha>

<consolidation_function_id>4</consolidation_function_id>

<cdef_id>0</cdef_id>

<vdef_id>0</vdef_id>

<shift></shift>

<value></value>

<gprint_id>hash_060102e9c43831e54eca8069317a2ce8c6f751</gprint_id>

<textalign></textalign>

<text_format>Current:</text_format>

<hard_return></hard_return>

<line_width>0.00</line_width>

<dashes></dashes>

<dash_offset>0</dash_offset>

<sequence>2</sequence>

</hash_1001022daad84124129e57ebdc72c8a3fcfb42>

<hash_100102799aba36e955f6222ed82846bd9e1c80>

<graph_type_id>9</graph_type_id>

<task_item_id>hash_0801028be0de000ffa5df12bf6e211194d90fb</task_item_id>

<color_id>0</color_id>

<alpha>FF</alpha>

<consolidation_function_id>1</consolidation_function_id>

<cdef_id>0</cdef_id>

<vdef_id>0</vdef_id>

<shift></shift>

<value></value>

<gprint_id>hash_060102e9c43831e54eca8069317a2ce8c6f751</gprint_id>

<textalign></textalign>

<text_format>Average:</text_format>

<hard_return></hard_return>

<line_width>0.00</line_width>

<dashes></dashes>

<dash_offset>0</dash_offset>

<sequence>3</sequence>

</hash_100102799aba36e955f6222ed82846bd9e1c80>

<hash_100102e4d2259dc46e9b3c3f55cbef6096ca73>

<graph_type_id>9</graph_type_id>

<task_item_id>hash_0801028be0de000ffa5df12bf6e211194d90fb</task_item_id>

<color_id>0</color_id>

<alpha>FF</alpha>

<consolidation_function_id>3</consolidation_function_id>

<cdef_id>0</cdef_id>

<vdef_id>0</vdef_id>

<shift></shift>

<value></value>

<gprint_id>hash_060102e9c43831e54eca8069317a2ce8c6f751</gprint_id>

<textalign></textalign>

<text_format>Max:</text_format>

<hard_return></hard_return>

<line_width>0.00</line_width>

<dashes></dashes>

<dash_offset>0</dash_offset>

<sequence>4</sequence>

</hash_100102e4d2259dc46e9b3c3f55cbef6096ca73>

<hash_10010278bb2e3bf1ef536dfd3d118f9c5b5809>

<graph_type_id>4</graph_type_id>

<task_item_id>hash_0801028be0de000ffa5df12bf6e211194d90fb</task_item_id>

<color_id>000000</color_id>

<alpha>FF</alpha>

<consolidation_function_id>3</consolidation_function_id>

<cdef_id>0</cdef_id>

<vdef_id>0</vdef_id>

<shift></shift>

<value></value>

<gprint_id>hash_060102e9c43831e54eca8069317a2ce8c6f751</gprint_id>

<textalign></textalign>

<text_format>Max</text_format>

<hard_return>on</hard_return>

<line_width>0.00</line_width>

<dashes></dashes>

<dash_offset>0</dash_offset>

<sequence>5</sequence>

</hash_10010278bb2e3bf1ef536dfd3d118f9c5b5809>

</items>

<inputs>

<hash_090102d7d6f3b9cfb6bfd0c5ff8326e37f671c>

<name>Data Source [vpnusers]</name>

<description></description>

<column_name>task_item_id</column_name>

<items>hash_000102f9087bbc3a33e6001a146f27a1b8fb94|hash_0001022daad84124129e57ebdc72c8a3fcfb42|hash_000102799aba36e955f6222ed82846bd9e1c80|hash_000102e4d2259dc46e9b3c3f55cbef6096ca73|hash_00010278bb2e3bf1ef536dfd3d118f9c5b5809</items>

</hash_090102d7d6f3b9cfb6bfd0c5ff8326e37f671c>

</inputs>

</hash_000102076d1b2d114314e9557b44e14cf090dd>

<hash_010102144d4166ef64cc27c40c3c836eb8f316>

<name>VPN - Concurrent Users</name>

<ds>

<t_name></t_name>

<name>|host_description| - Concurrent Users</name>

<data_source_path></data_source_path>

<data_input_id>hash_0301023eb92bb845b9660a7445cf9740726522</data_input_id>

<t_data_source_profile_id></t_data_source_profile_id>

<data_source_profile_id>hash_200102d62c52891f4f9688729a5bc9fad91b18</data_source_profile_id>

<t_rrd_step></t_rrd_step>

<rrd_step>300</rrd_step>

<t_active></t_active>

<active>on</active>

</ds>

<items>

<hash_0801028be0de000ffa5df12bf6e211194d90fb>

<t_data_source_name></t_data_source_name>

<data_source_name>vpnusers</data_source_name>

<t_rrd_minimum></t_rrd_minimum>

<rrd_minimum>0</rrd_minimum>

<t_rrd_maximum></t_rrd_maximum>

<rrd_maximum>U</rrd_maximum>

<t_data_source_type_id></t_data_source_type_id>

<data_source_type_id>1</data_source_type_id>

<t_rrd_heartbeat></t_rrd_heartbeat>

<rrd_heartbeat>600</rrd_heartbeat>

<t_data_input_field_id></t_data_input_field_id>

<data_input_field_id>0</data_input_field_id>

</hash_0801028be0de000ffa5df12bf6e211194d90fb>

</items>

<data>

<item_000>

<data_input_field_id>hash_07010292f5906c8dc0f964b41f4253df582c38</data_input_field_id>

<t_value></t_value>

<value></value>

</item_000>

<item_001>

<data_input_field_id>hash_07010232285d5bf16e56c478f5e83f32cda9ef</data_input_field_id>

<t_value></t_value>

<value></value>

</item_001>

<item_002>

<data_input_field_id>hash_070102ad14ac90641aed388139f6ba86a2e48b</data_input_field_id>

<t_value></t_value>

<value></value>

</item_002>

<item_003>

<data_input_field_id>hash_0701029c55a74bd571b4f00a96fd4b793278c6</data_input_field_id>

<t_value></t_value>

<value></value>

</item_003>

<item_004>

<data_input_field_id>hash_070102012ccb1d3687d3edb29c002ea66e72da</data_input_field_id>

<t_value></t_value>

<value></value>

</item_004>

<item_005>

<data_input_field_id>hash_0701024276a5ec6e3fe33995129041b1909762</data_input_field_id>

<t_value></t_value>

<value>.1.3.6.1.4.1.2620.1.2.5.2.3.0</value>

</item_005>

<item_006>

<data_input_field_id>hash_070102fc64b99742ec417cc424dbf8c7692d36</data_input_field_id>

<t_value></t_value>

<value></value>

</item_006>

<item_007>

<data_input_field_id>hash_07010220832ce12f099c8e54140793a091af90</data_input_field_id>

<t_value></t_value>

<value></value>

</item_007>

<item_008>

<data_input_field_id>hash_070102c60c9aac1e1b3555ea0620b8bbfd82cb</data_input_field_id>

<t_value></t_value>

<value></value>

</item_008>

<item_009>

<data_input_field_id>hash_070102feda162701240101bc74148415ef415a</data_input_field_id>

<t_value></t_value>

<value></value>

</item_009>

</data>

</hash_010102144d4166ef64cc27c40c3c836eb8f316>

<hash_0301023eb92bb845b9660a7445cf9740726522>

<name>Get SNMP Data</name>

<type_id>2</type_id>

<input_string></input_string>

<fields>

<hash_07010292f5906c8dc0f964b41f4253df582c38>

<name>SNMP IP Address</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls></allow_nulls>

<type_code>hostname</type_code>

<input_output>in</input_output>

<data_name>management_ip</data_name>

</hash_07010292f5906c8dc0f964b41f4253df582c38>

<hash_07010232285d5bf16e56c478f5e83f32cda9ef>

<name>SNMP Community</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls></allow_nulls>

<type_code>snmp_community</type_code>

<input_output>in</input_output>

<data_name>snmp_community</data_name>

</hash_07010232285d5bf16e56c478f5e83f32cda9ef>

<hash_070102ad14ac90641aed388139f6ba86a2e48b>

<name>SNMP Username</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls>on</allow_nulls>

<type_code>snmp_username</type_code>

<input_output>in</input_output>

<data_name>snmp_username</data_name>

</hash_070102ad14ac90641aed388139f6ba86a2e48b>

<hash_0701029c55a74bd571b4f00a96fd4b793278c6>

<name>SNMP Password</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls>on</allow_nulls>

<type_code>snmp_password</type_code>

<input_output>in</input_output>

<data_name>snmp_password</data_name>

</hash_0701029c55a74bd571b4f00a96fd4b793278c6>

<hash_070102012ccb1d3687d3edb29c002ea66e72da>

<name>SNMP Version (1, 2, or 3)</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls>on</allow_nulls>

<type_code>snmp_version</type_code>

<input_output>in</input_output>

<data_name>snmp_version</data_name>

</hash_070102012ccb1d3687d3edb29c002ea66e72da>

<hash_0701024276a5ec6e3fe33995129041b1909762>

<name>OID</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls></allow_nulls>

<type_code>snmp_oid</type_code>

<input_output>in</input_output>

<data_name>oid</data_name>

</hash_0701024276a5ec6e3fe33995129041b1909762>

<hash_070102fc64b99742ec417cc424dbf8c7692d36>

<name>SNMP Port</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls></allow_nulls>

<type_code>snmp_port</type_code>

<input_output>in</input_output>

<data_name>snmp_port</data_name>

</hash_070102fc64b99742ec417cc424dbf8c7692d36>

<hash_07010220832ce12f099c8e54140793a091af90>

<name>SNMP Authenticaion Protocol (v3)</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls></allow_nulls>

<type_code>snmp_auth_protocol</type_code>

<input_output>in</input_output>

<data_name>snmp_auth_protocol</data_name>

</hash_07010220832ce12f099c8e54140793a091af90>

<hash_070102c60c9aac1e1b3555ea0620b8bbfd82cb>

<name>SNMP Privacy Passphrase (v3)</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls></allow_nulls>

<type_code>snmp_priv_passphrase</type_code>

<input_output>in</input_output>

<data_name>snmp_priv_passphrase</data_name>

</hash_070102c60c9aac1e1b3555ea0620b8bbfd82cb>

<hash_070102feda162701240101bc74148415ef415a>

<name>SNMP Privacy Protocol (v3)</name>

<update_rra></update_rra>

<regexp_match></regexp_match>

<allow_nulls></allow_nulls>

<type_code>snmp_priv_protocol</type_code>

<input_output>in</input_output>

<data_name>snmp_priv_protocol</data_name>

</hash_070102feda162701240101bc74148415ef415a>

</fields>

</hash_0301023eb92bb845b9660a7445cf9740726522>

<hash_200102d62c52891f4f9688729a5bc9fad91b18>

<name>5 Minute Collection</name>

<step>300</step>

<heartbeat>600</heartbeat>

<x_files_factor>0.5</x_files_factor>

<default>on</default>

<cf_items>1|2|3|4</cf_items>

<items>

<item_000>

<name>Daily (5 Minute Average)</name>

<steps>1</steps>

<rows>600</rows>

<timespan>86400</timespan>

</item_000>

<item_001>

<name>Weekly (30 Minute Average)</name>

<steps>6</steps>

<rows>700</rows>

<timespan>604800</timespan>

</item_001>

<item_002>

<name>Monthly (2 Hour Average)</name>

<steps>24</steps>

<rows>775</rows>

<timespan>2618784</timespan>

</item_002>

<item_003>

<name>Yearly (1 Day Average)</name>

<steps>288</steps>

<rows>797</rows>

<timespan>31536000</timespan>

</item_003>

</items>

</hash_200102d62c52891f4f9688729a5bc9fad91b18>

<hash_060102e9c43831e54eca8069317a2ce8c6f751>

<name>Normal</name>

<gprint_text>%8.2lf%s</gprint_text>

</hash_060102e9c43831e54eca8069317a2ce8c6f751>

</cacti>

-------------------


4. Enable SNMP on your Checkpoint VPN gateway (make sure interface is the correct one)

set snmp mode default

set snmp agent on

set snmp agent-version any

set snmp community PbCsNE01 read-only

add snmp interface eth1-01

5. Allow connection on the firewall rules from your Cacti server to VPN gateway



Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)