Hi Benjamin, my thought is whether to monitor on WAN or LAN port for FW as I have seen probe is down that monitor internal IP on other location via IPSec tunnel but not on the probe on VPN tunnel, so not sure is my setup is good or not.
In this case, I would do all my primary monitoring through the LAN interface as opening the outside interface to SNMP isn't the best practice. Then I would Ping something through the VPN on the other probe as a means of letting me know my VPN is up and connected.
Hi Benjamin, my current setup is what you say, just that the ping to the internal LAN via IPSec is down but the alert for the IPSec VPN is not showing. Correct me if I am wrong, if the ping to the internal LAN via IPSec is down meaning the IPSec tunnel to the Internal LAN is down, am I correct?
Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.