[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] SNMP through VPN
My bad...should have read "UDP/ICMP" replies. You probably figured that out ;) Chris -----Original Message----- From: Chris Arnold Sent: Friday, April 13, 2001 9:40 AM To: [email protected] Subject: [FW1] SNMP through VPN Hi, all. We have a network monitoring tool (similar to OpenView) which does SNMP polling and ICMP health checks. We want to poll the internal interfaces of our firewalls (Nokias with IPSO 3.3) from this one host. It works fine on the FW it is directly behind but can not poll the internal interfaces of remote VPN endpoints (VPN-1 4.1 SP3). I can snmpwalk and ping each Nokia from directly behind it so I know it works but not across the IKE tunnels (EVERY other type of allowed traffic can pass). UDP timeout is set to 60 seconds and I allow UDP/SMTP replies as well. The log shows the encrypted udp/161 transaction and then a decrypt on the remote side but never a reply. Not even a deny/drop for SNMP or ICMP. Thoughts? Chris ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|