Firewall-1

Re: [FW-1] Log server

Subject: Re: [FW-1] Log server
From: "Harmon, Bill" <bharmon AT NSISOFTWARE DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Mon, 24 May 2004 13:54:21 -0500
Well, I found the answer on the Nokia website. Just in case anyone else
runs into the same issue, here is the Nokia article.

Resolution 19585: How do I use Remote Management when the management
console is subject to Static NAT?

The article basically says to create a new Check Point host with the
public IP of the management station. Select SVN and log server.

Go into Logs and Masters and set up the log server to point to the newly
created host.

Push the policy.

Bill Harmon

NSI Software Network Administrator


-----Original Message-----
From: Harmon, Bill
Sent: Monday, May 24, 2004 1:23 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Log server

NG AI Hotfix 2.

I've been using Automatic NAT with the check box enabled. Is there a
setting in the Global Policy that might force remote enforcement points
to use the NAT address?

Bill Harmon

NSI Software Network Administrator


-----Original Message-----
From: Chris Hoff [mailto:choff AT CORNERSTONESECURITY DOT COM]
Sent: Monday, May 24, 2004 9:23 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Log server

Bill,

First of all, what version of Check Point are you running? I assume you
are probably running NG FP3 or greater. Also, how are you doing NAT for
the mgmt station? If you are doing manual NAT, you will probably want to
change that to Automatic NAT on the mgmt Station. In the NAT tab you
will notice there is a check box to "Apply for VPN-1 & FireWall-1
Control Connections." You will want to use this check box to eliminate
your problem.

Regards,

Chris

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Harmon,
Bill
Sent: Monday, May 24, 2004 8:05 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Log server

Good Morning,

I am having an issue with my implementation that I am hoping someone
else has seen/worked around.



I have 3 sites, site 1 is a Nokia IP350 VRRP site with 2 appliances. My
management station is behind this site. My other 2 sites are single
IP350.



I have a static NAT address set up for the management station. The issue
is that if I have the private IP address of the management station on
the general tab of the management station object, only the site 1
servers send logs. If I use the public IP on the general tab, only the
remote servers report their logs to the management station.



I can do a tcpdump and see that the enforcement modules are trying to
send to the IP address that is assigned on the general tab. I have a
host file set up on each Nokia with the private IP of the management
station on site 1 modules and the public IP on the remote modules.



Is there a way to force the modules to use the host file for address
translation instead of the rulebase objects?



Thanks



Bill Harmon

NSI Software Network Administrator
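
Added example, not part of the original thread or of any Check Point or Nokia tooling: a way to confirm from tcpdump output which log-server address each enforcement module targets and whether that address answers, which is the check to repeat after pushing the policy. It assumes the modern `tcpdump -n` text format and that logs travel over FW1_log (TCP 257); the sample capture and every address in it are constructed.

```python
import re

FW1_LOG_PORT = 257  # FW1_log: TCP port modules use to reach the log server

# Constructed `tcpdump -n` lines merged from three modules (not from the thread).
# 10.1.1.50 stands in for the management station's private IP,
# 192.0.2.10 for its static-NAT public IP.
SAMPLE = """\
13:01:02.100000 IP 10.1.1.2.40001 > 10.1.1.50.257: Flags [S], seq 1, win 8192, length 0
13:01:02.100400 IP 10.1.1.50.257 > 10.1.1.2.40001: Flags [S.], seq 9, ack 2, win 8192, length 0
13:01:05.000000 IP 198.51.100.7.40002 > 10.1.1.50.257: Flags [S], seq 5, win 8192, length 0
13:01:08.000000 IP 198.51.100.7.40002 > 10.1.1.50.257: Flags [S], seq 5, win 8192, length 0
13:01:09.000000 IP 203.0.113.9.40003 > 192.0.2.10.257: Flags [S], seq 7, win 8192, length 0
13:01:09.080000 IP 192.0.2.10.257 > 203.0.113.9.40003: Flags [S.], seq 3, ack 8, win 8192, length 0
"""

LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([^\]]+)\]"
)

def log_targets(capture):
    """Return {(module_ip, log_server_ip): answered} for FW1_log connection attempts."""
    attempts = {}
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if int(dport) == FW1_LOG_PORT and flags == "S":
            # Module opened a log connection; keep an earlier "answered" verdict.
            attempts.setdefault((src, dst), False)
        elif int(sport) == FW1_LOG_PORT and flags == "S.":
            # SYN-ACK from the log server: this target is reachable from the module.
            attempts[(dst, src)] = True
    return attempts

def unreachable(capture):
    """Modules whose SYNs to the log server never received a SYN-ACK."""
    return sorted(pair for pair, ok in log_targets(capture).items() if not ok)

if __name__ == "__main__":
    for (module, target), ok in sorted(log_targets(SAMPLE).items()):
        print(f"{module} -> {target}:{FW1_LOG_PORT} {'answered' if ok else 'NO REPLY'}")
```

In the constructed capture the remote module 198.51.100.7 keeps retrying the private address and gets no reply, the symptom described in the original question.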




=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================
