Checkpoint - SNMP return 0 value when querying virtual systems

When trying to perform SNMP queries in an VSX environment, data related to virtual systems may be returned always as 0 value. By default, R77.10 and R77.20 vsx systems behave this way. For example, this is an SNMP query to get the concurrent connections of the phisical VSX and its virtual systems:

# /usr/bin/snmpwalk -v1 -c public 10.0.5.5 vsxCountersConnNum
CHECKPOINT-MIB::vsxCountersConnNum.1.0 = INTEGER: 75
CHECKPOINT-MIB::vsxCountersConnNum.2.0 = INTEGER: 0
CHECKPOINT-MIB::vsxCountersConnNum.3.0 = INTEGER: 0
CHECKPOINT-MIB::vsxCountersConnNum.4.0 = INTEGER: 0
CHECKPOINT-MIB::vsxCountersConnNum.5.0 = INTEGER: 0
CHECKPOINT-MIB::vsxCountersConnNum.6.0 = INTEGER: 0

• vsxCounternsConnNum.1.0 –> concurrent connections of physical of VSX
• vsxCounternsConnNum.2.0 –> concurrent connections of physical of VS1
• vsxCounternsConnNum.3.0 –> concurrent connections of physical of VS2…

The value for the VSX is returned (75) but the VS ones are incorrectly returned as 0.

To fix this problem, the value of the file $FWDIR/conf/amon_vsx_refresh_interval should be changed. Configures how frequently (in seconds) the SNMP data is updated. The recommended value is 30.

[Expert@vsx1:0]# echo 30 > $FWDIR/conf/amon_vsx_refresh_interval
[Expert@vsx1:0]#
[Expert@vsx1:0]# cat $FWDIR/conf/amon_vsx_refresh_interval
30

After waiting for a few minutes (5 more or less…)

# /usr/bin/snmpwalk -v1 -c public 10.0.5.5 vsxCountersConnNum
CHECKPOINT-MIB::vsxCountersConnNum.1.0 = INTEGER: 81
CHECKPOINT-MIB::vsxCountersConnNum.2.0 = INTEGER: 7000
CHECKPOINT-MIB::vsxCountersConnNum.3.0 = INTEGER: 15178
CHECKPOINT-MIB::vsxCountersConnNum.4.0 = INTEGER: 0
CHECKPOINT-MIB::vsxCountersConnNum.5.0 = INTEGER: 0
CHECKPOINT-MIB::vsxCountersConnNum.6.0 = INTEGER: 31458

Now data different to 0 value is returned for the virtual systems (all but VS3 and VS4 that in my scenario are virtual switches, no virtual firewalls)