The Network > Network Monitor page provides a flexible mechanism for monitoring network path viability. The results and status of this monitoring are displayed dynamically on the Network Monitor page, and are also provided to affected client components and logged in the system log.
The Status column elements displays the status of the network connection to the target:
|
1
|
|
•
|
Name - Enter a description of the Network Monitor policy.
|
|
•
|
Probe Target - Select the Address Object or Address Group to be the target of the policy. Address Objects may be Hosts, Groups, Ranges, or FQDNs object. Objects within a Group object may be Host, Range, or FQDN Address Objects. You can dynamically create a new address object by selecting Create New Address Object.
|
|
•
|
Next Hop Gateway - Manually specifies the next hop that is used from the outbound interface to reach the probe target. This option must be configured for Explicit Route policies. For non-Explicit Route policies, the probe uses the appliance’s route table to determine the egress interface to reach the probe target. If a Next Hop Gateway is not specified, the probe assumes that the targets are directly connected to the Outbound Interface's network.
|
|
•
|
Local IP Address - Select the local IP address from the drop-down menu.
|
|
•
|
Outbound Interface - Manually specifies which interface is used to send the probe. This option must be configured for Explicit Route policies. For non-Explicit Route policies, the probe uses the appliance’s route table to determine the egress interface to reach the probe target.
|
|
•
|
Port - Specifies the destination port of target hosts for TCP probes. A port is not specified for Ping probes.
|
|
3
|
From the Probe type drop-down menu, select the appropriate type of probe for the network monitor policy:
|
|
•
|
Ping (ICMP) - This probe uses the route table to find the egress interface and next-hop for the defined probe targets. A Ping echo-request is sent out the egress interface with the source IP address of the egress interface. An echo response must return on the same interface within the specified Response Timeout time limit for the ping to be counted as successful.
|
|
•
|
TCP - This probe uses the route table to find the egress interface and next-hop for the defined probe targets. A TCP SYN packet is sent to the probe target with the source IP address of the egress interface. A successful response will be counted independently for each probe target when the target responds with either a SYN/ACK or RST via the same interface within the Response Timeout time window. When a SYN/ACK is received, a RST is sent to close the connection. If a RST is received, no response is returned.
|
|
•
|
Ping (ICMP) - Explicit Route - This probe bypasses the route table and uses the source IP address of the interface specified in the Outbound Interface drop-down menu to send a Ping to the targets. If a Next Hop Gateway is not specified, the probe assumes that the targets are directly connected to the Outbound Interface's network.
|
|
•
|
TCP - Explicit Route - This probe bypasses the route table and uses the source IP address of the interface specified in the Outbound Interface drop-down menu to send a TCP SYN packet to the targets. If a Next Hop Gateway is not specified, the probe assumes that the targets are directly connected to the Outbound Interface's network. When a SYN/ACK is received, a RST is sent to close the connection. If a RST is received, no response is returned.
|
|
•
|
Probe hosts every - The number of seconds between each probe. This number cannot be less than the Reply time out field. The default value is 5 seconds.
|
|
•
|
Reply time out - The number of seconds the Network Monitor waits for a response for each individual probe before a missed-probe will be counted for the specific probe target. The Reply time out cannot exceed the Probe hosts every field. The default value is 1 second.
|
|
•
|
Probe state is set to DOWN after - The number of consecutive missed probes that triggers a host state transition to DOWN. The default is 3 missed intervals.
|
|
•
|
Probe state is set to UP after - The number of consecutive successful probes that triggers a host state transition to UP. The default is 3 successful intervals.
|
|
•
|
All Hosts Must Respond - Selecting this checkbox specifies that all of the probe target Host States must be UP before the Policy State can transition to UP. If not checked, the Policy State is set to UP when any of the Host States are UP. This option is disabled by default.
|
|
•
|
RST Response Counts As Miss - Selecting this checkbox specifies that an RST response counts as a missed response.
|
|
6
|
Click Add to submit the Network Monitor policy.
|
When configuring a static route, you can optionally configure a Network Monitor policy for the route. When a Network Monitor policy is used, the static route is dynamically disabled or enabled, based on the state of the probe for the policy. For more information, see Probe-Enabled Policy Based Routing Configuration .