Site to site tunnel status alert in logs
JamesD
Newbie ✭
Hello,
We have multiple sites where our Sonicwall (NSA 3600) connects via a tunnel (site-to-site, IKE PSK) and we want to set up email alerts in case one of the goes down. Basically, we want an alert that acts like the green light signal on the VPN settings page. When I go to the log settings there are soooo many possibilities. Which is the best for a basic up/down alert that we could use?
I know we could set probes and get alerts for those under Network Monitor, but doing this seems like it's not optimal.
Thanks,
-James
Best Answer
-
CORRECT ANSWER
shiprasahu93
Moderator
Hello @JamesD ,
I would suggest using log automation for alerts with the following log set to Alert. Navigate to MANAGE | Log Settings | Base Setup | VPN -> VPN IPsec -> IPsec Tunnel Status Changed set to Alert.
The email that you will get, should look something like below
12/04/2019 3:55 427 VPN VPN IPsec IPsec Tunnel Status Changed Standard Note String Information Tunnel Down. policy 5(Capital One SFTP Prod), Dst x.x.x.x - x.x.x.x, Src x.x.x.x - x.x.x.x, GW x.x.x.x, inSpi 0x58964542, Reason: Remove IPSec SaNode IPsec Tunnel status changed
It shows the actual IP addresses, I have replaced it with x over here as I don't want to reveal them.
You would need to set up log automation and specify the email address as below.
This is specific to Office 365, but you can specify your own exchange server, if any.
I hope that helps!
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
6
Answers
Hi @JamesD ,
To add on to the existing information, Please follow the KB below for the Log Automation if you want to send Alerts to Gmail or Yahoo.
Also you can use the SonicWall Analytics for the detailed log reports , The link below provides brief details regarding Analytics.
Nevyaditha P
Nevyaditha P
Technical Support Advisor, Premier Services