All Forums
> Switch Port Mapper
> Current topic
SNMP query L3 devices like Checkpoint firewalls
Started by Anthony
Anthony
SNMP query L3 devices like Checkpoint firewalls 06 May 2018, 23:50 |
Will Switch Port Mapper support querying ARP entries on devices like Checkpoint firewalls?
Unfortunately I am not getting any IP addresses when I add the Checkpoint firewall as router. I know the ARP table is listed when I walk from the following OID tree: .1.3.6.1.2.1.4.35.1.4
I get info OK from Cisco switch and checkpoint firewall when I test the connection.
Unfortunately I am not getting any IP addresses when I add the Checkpoint firewall as router. I know the ARP table is listed when I walk from the following OID tree: .1.3.6.1.2.1.4.35.1.4
I get info OK from Cisco switch and checkpoint firewall when I test the connection.
Re: SNMP query L3 devices like Checkpoint firewalls 07 May 2018, 01:30 |
Admin Registered: 18 years ago Posts: 3 520 |
Generally reading ARP entries should work on any compatible device, including Checkpoint firewalls. We try to extract ARP data from three SNMP views:
It's pretty strange that you can walk ipNetToPhysicalTable, while the Port Mapper fails to do so, granted the connection credentials are correct. Let me see what we can do about that.
- ipNetToPhysicalTable
- ipNetToMediaTable
- atTable
It's pretty strange that you can walk ipNetToPhysicalTable, while the Port Mapper fails to do so, granted the connection credentials are correct. Let me see what we can do about that.
Anthony
Re: SNMP query L3 devices like Checkpoint firewalls 07 May 2018, 04:08 |
Indeed it's odd, when I walk the device with the following OID branch:
[root@lgmg ~]# snmpwalk -v3 -l authPriv -u watchdog -a MD5 -A XXX -x DES -X XXX 10.X.X.21 .1.3.6.1.2.1.4.35.1.4I get responses OK:
IP-MIB::ipNetToPhysicalPhysAddress.21.ipv4."1X2.1XX.11.5" = STRING: XX:XX:e0:89:52:43 IP-MIB::ipNetToPhysicalPhysAddress.21.ipv4."1X2.1XX.11.102" = STRING: XX:XX:ac:68:e7:e4
Re: SNMP query L3 devices like Checkpoint firewalls 08 May 2018, 07:56 |
Admin Registered: 18 years ago Posts: 3 520 |
Re: SNMP query L3 devices like Checkpoint firewalls 10 May 2018, 07:12 |
Admin Registered: 18 years ago Posts: 3 520 |
It turned out that Checkpoint devices didn't like when Max-Repetitions (batch size) was set to 100 in SNMPv3 requests. When reduced to 50 it started working.
We have released version 2.0.11 that fixes this issue, and as a bonus correctly handles IPv6 addresses received from routers. Please download the updated Port Mapper from its home page and let me know how it works for you.
We have released version 2.0.11 that fixes this issue, and as a bonus correctly handles IPv6 addresses received from routers. Please download the updated Port Mapper from its home page and let me know how it works for you.
Anthony
Re: SNMP query L3 devices like Checkpoint firewalls 10 May 2018, 11:57 |