Solved

How to send SNMP trap from CheckPoint?

Posted on 2004-04-16
8
5,327 Views
Last Modified: 2013-11-16
Dear Sir
        I'm running Checkpoint Firewall Clustering with StoneBeat Cluster software. Firewall version is NG FP2, I implement HP OpenView and need to receive SNMP trap from CheckPoints. I then configure by going through "Policy" => "Global Properties" => "Log and Alert" => "Alert Commands" and entering the command "internal_snmp_trap A.B.C.D" in "Run SNMP trap alert script". But I get nothing. What's wrong ?
        Does anyone face this problem before ?
        I'm so sure that there is nothing sending from CheckPoint when I tried to trigger this SNMP trap script. The reason I'm so sure, since I execute "snoop" command on my CheckPoint Firewall ( UNIX ).
0
Comment
Question by:sirator
  • 5
  • 3
8 Comments
 
LVL 23

Accepted Solution

by:
Tim Holman earned 125 total points
ID: 10841030
Depends on the platform.  The alert command you put in is what the OS needs to run in order to send and SNMP trap.  SNMP needs to be enabled on the OS itself in order to do this.

Check Point's SNMP port is 260 (all the firewall related traps).  The OS port remains as 161 for other OS related things (eg interface up/down).

You need specific MIB files for HP Openview.  The default CheckPoint ones won't work.  I believe there's a specific extension available from HP ?


0
 

Author Comment

by:sirator
ID: 11229298
I observed from CheckPoint document, there're many ways to alert the administrator either by mail or snmp.

Referring from Document in terms of Mail Alert, it said, to alert through mail, the internal command will be used by "internal_send_mail" command.
I tested using this command, but it doesn't work. Then I changed to "internal_sendmail" instead, and it works.

Is anything wrong with CheckPoint FP2 document?

Anyway, I can't find "internal_snmp_trap" work at all. Why not?

Looking up from CheckPoint SecureKnowledge, there's nothing come up for help troubleshooting this issue at all.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 11231476
Again, depends on the platform.  For NT, you need to use %FWDIR%\bin\sendmail, to Nokia, you need to use 'ipso sendmail'... ??
Same applies to snmp !
What platform do you use ?
0
 

Author Comment

by:sirator
ID: 11246266
I'm running on Solaris 5.8.

The matter I suspect is that it's capable of enable mail alert with CheckPoint internal command as "internal_sendmail" as described in CheckPoint manual. (Originally from the manual indication it's "internal_send_mail" that I've tested and it didn't really work)

But it doesn't work with "internal_snmp_trap" command. That's thing I'm so confused.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 23

Expert Comment

by:Tim Holman
ID: 11358067
Do you still need help with this ?  I've some Solaris manuals I can look at if you want ?
0
 

Author Comment

by:sirator
ID: 11470683
Hi, I would really appreciate if you can provide me a useful document.

Thanks so much in advances.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 11471838
Is there a rule on the firewall allowing SNMP from the firewall to your OpenView servers ?

Have you tried the snmp_trap command ?
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 12199362
Is this now resolved ?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now