 Re: Antispoofing
There is no permissions profile that would allow you to read the objects database but not see the topology for the gateway. You wouldn't even be able to view the gateway to see that the anti-spoofing is not configured.
If you can access the objects and make changes you should be able to see the topology that is configured upon the check point gateway, as you would need read write access to the objects database to do this, and this would allow you to make changes to the interface information.
I believe from your description that there is a group called anti-spoofing but that the group is not actually defined on the gateway as being used with the interface
I would guess that anti-spoofing has been turned off on your check point gateway.
If you have network routing correctly configured correctly on your gateway then you should be able to do a Get Interfaces with Topology within the gateway object and that will correctly read the routing table to implement anti-spoofing based on your routing table.  |