Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: checkpoint firewall log file issue

checkpoint firewall log file issue 12 years 7 months ago #11436

  • allan
  • allan's Avatar Topic Author
  • Offline
  • New Member
  • New Member
  • Posts: 5
  • Thank you received: 0
A client calls me to check firewall logs to verify that his traffic is passing through a CheckPoint firewall. The firewall is CheckPoint NG FP3 running on solaris. The Management server is down because the unix team is applying patches to the management server. How do I check the logs on the firewall?

Please Log in to join the conversation.

Checkpoint logs 12 years 7 months ago #11454

The logs are held in a /log subdirectory beneath your main firewall directory, but I don't think you can just read them. I've only been on the basic FW1 admin course, but the instructor mentioned that there are a ton of command-line utilities that you can use directly on the enforcement module and I'm sure I remember reading the logs being mentioned. A trawl of the manuals might turn up what you need. Alternatively, could you copy the file out and read it using a different management console?

Please Log in to join the conversation.

Re: checkpoint firewall log file issue 12 years 7 months ago #11461

  • allan
  • allan's Avatar Topic Author
  • Offline
  • New Member
  • New Member
  • Posts: 5
  • Thank you received: 0
thanks a lot, BTW, I'm some of confusion that the following commands
cpstart, cpstop, fwstart, fwstop, fw fetch, fwm load, fwm unload

which commands are working on the enforcement module (checkpoit) and which are working on the smartcenter server (console)?

Please Log in to join the conversation.

Commands 12 years 7 months ago #11488

I've sent you some notes on the command line commands in a PM

Please Log in to join the conversation.

Re: checkpoint firewall log file issue 12 years 6 months ago #11633

  • tiamat
  • tiamat's Avatar
  • Offline
  • Distinguished Member
  • Distinguished Member
  • Posts: 102
  • Thank you received: 0
'fw log -f' will log to the screen. You may also want to add '-n' to not resolve names. Ctrl-C to break out of it.

as for the commands you listed, most of them will work on both enforcement module and smartcenter, with the exception of the 'fwm' commands (the 'm' for management). If you try to run an 'fwm' command on an enforcement module, it will tell you that it's not a mangement server, and just error out.

Please Log in to join the conversation.

  • Page:
  • 1
Time to create page: 0.130 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup