KBI 311800 Best And Most Secure Way To Safely Monitor Check Point VPN Status


Argent for Compliance – All Versions


Thursday, 12 March 2020


The Check Point appliance supports all kinds of VPN tunnels

The most common one is IPsec

A VPN tunnel may drop without warning, and active monitoring is essential to alert on dropped tunnel(s)

Technical Background

A VPN tunnel may drop due to many reasons, including the following:

  • High latency between sites
  • WAN gateway IP change
  • Power outages
  • Tunnel misconfiguration


  1. Login to the Check Point appliance and configure it to send logs to any of your Argent server’s IP addresses
  2. Go to Argent Compliance SYSLOG Rules and create a new Rule with the below settings:
  3. The search text is: “no response from peer.” fw_subproduct=”VPN-1″ peer_gateway=”X.X.X.X”

    Substitute X.X.X.X with the IP gateway address of the remote location to monitor (only if a specific tunnel is to be monitored)

  4. If monitoring of more than one tunnel from the same Argent Rule is desired, then the search string should be: “no response from peer.”