RE: [nv-l] How to supervise correctly a VPN connection

To:	<nv-l@lists.us.ibm.com>
Subject:	RE: [nv-l] How to supervise correctly a VPN connection
From:	"Nicolas DE VAUX BIDON" <nicolas.devauxbidon@isg.transiciel.com>
Date:	Fri, 12 Dec 2003 15:31:34 +0100
Delivery-date:	Fri, 12 Dec 2003 14:43:11 +0000
Envelope-to:	nv-l-archive@lists.skills-1st.co.uk
Reply-to:	nv-l@lists.us.ibm.com
Sender:	owner-nv-l@lists.us.ibm.com

Thank you answering scott, what you've said confirm that i think, Netview 
cannot do that correctly... I hope I am misktaken....

---------- Original Message ----------------------------------
From: "Barr, Scott" <Scott_Barr@csgsystems.com>
Reply-To: nv-l@lists.us.ibm.com
Date: Fri, 12 Dec 2003 08:06:41 -0600

>You're making this way too hard!
>
>We use Cisco VPN so you'll have to translate this to your environment, but 
>what we do is this:
>
>1. In our seed file, we put the address of the tunnel partner at the other 
>end. This is done with ICMP only, as SNMP across the internet even inside a 
>tunnel is a bit spotty. So we ping the router at that far end through the 
>tunnel. If the tunnel is down, the pings fail, i.e. the VPN connection is 
>broken.
>
>2. We automated the traps the VPN concentrator sends - in our case, the Cisco 
>VPN concentrator produces a message saying when a "user" logs on or off - in 
>our case, our remote VPN concentrators are "users" and we have a ruleset that 
>forwards the traps to a script that parses out the "users" we are concerned 
>about (only the hardware clients/concentrators) are acted upon.
>
>3. A third step we are taking is to catch these log on/off situations by the 
>hardware client and issue a different up/down trap so that we can do the 5 
>minute correlation to make sure they are really down.
>
>Don't know if this helps, but it is an approach I have had success with.
>
>-----Original Message-----
>From: owner-nv-l@lists.us.ibm.com [mailto:owner-nv-l@lists.us.ibm.com]On
>Behalf Of Nicolas DE VAUX BIDON
>Sent: Friday, December 12, 2003 3:30 AM
>To: nv-l@lists.us.ibm.com
>Subject: [nv-l] How to supervise correctly a VPN connection
>
>
>Hi,
>
>I'm trying to integrate a VPN connection on a network map.
>I don't know really how to do this. For the moment, I define manually a gateway
>object with two interface. These interfaces represent endings of the VPN...
>
>The VPN is composed of a checkpoint NG FP3 on a side and a contivity box on 
>the other side.
>
>In fact the reality is deformed.... In this context, I also need also to use
>the RFI feature.
>
>I think i'm not the only person who try to do this, i tried to find the
>information in documentation and archives of nv-l, but i found nothing.
>
>I'll wondering if someone could help me ;)
>
>Netview 7.1.3 FixPack1 (NT Version)
>
>
>

<Prev in Thread]	Current Thread	[Next in Thread>
[nv-l] How to supervise correctly a VPN connection, ndvb [nv-l] How to supervise correctly a VPN connection, Nicolas DE VAUX BIDON RE: [nv-l] How to supervise correctly a VPN connection, Barr, Scott RE: [nv-l] How to supervise correctly a VPN connection, Nicolas DE VAUX BIDON <=

Previous by Date:	RE: [nv-l] NetView Multicast, Bursik, Scott {PBSG}
Next by Date:	Re: [nv-l] NVATTR_8 is too long, Leslie Clark
Previous by Thread:	RE: [nv-l] How to supervise correctly a VPN connection, Barr, Scott
Next by Thread:	[nv-l] Ruleset editor?, Tom Hallberg
Indexes:	[Date] [Thread] [Top] [All Lists]