If you understand the inspection points in Check Point and can use FW Monitor to get the required logs/captures, then you can read further on how to analyze those logs.
So to start off with, let's see what the different fields are in the above picture of a sample log from the console:
It is quite simple to see if a pool member failed its health check by checking the pool status via GUI/CLI, and the ltm logs also give you more information on the timelines when the pool went down/up:
cat ltm | grep
But what if you’ve configured a custom health monitor for a particular pool and now that pool is down and you know it’s the monitor that is failing it. You’ve verified that the F5 is indeed sending the F5 monitor traffic to the nodes. You run some captures on the interface or on an intermediary firewall and see the node is sending replies as well. Now, what if you want to check the contents of the server’s response during that time from the F5 itself?
So here are the step-by-step instructions you need to follow to effectively get that information:
OSPF Neighbor relationship process
1. Determine the Router ID
- It is the router’s name in the OSPF process. It’s always advisable to hard code the router-id.
- Router-id > Loopbacks > Active Physical interface IP
2. Add interfaces to the link state database, done by the network command
3. Send a Hello message on chosen interfaces
- Every 10 seconds
- Non-Broadcast Multi-access Networks (NBMA): every 30 seconds
Our ASR 1001 had a hardware failure with the SPA Interface Processor and we had to file an RMA for it. Once we got the device to the data center and started loading up the config, we realized it required the ‘advipservices’ and ‘ipsecurity’ licenses which were being used on the old router. After speaking to the licensing support team, they explained to us that we can get a license transfer in this case as this is a replacement device. We gave the serial number of the old router and the new router with the RMA and SR number that was raised with them and she sent us a .lic file that can be loaded on the new ASR router.
If you have been looking for this, here’s another way to get this done. (A phone call to Cisco is definitely a better option, with the information below handy.)