Thread: Checkpoint not logging to SmartCenter Server
View Single Post
  #1 (permalink)  
Old 2006-09-30
fazrul fazrul is offline
Junior Member
  
Join Date: 2006-09-30
Posts: 16
Rep Power: 0
fazrul has an average reputation (10+)
Default Checkpoint not logging to SmartCenter Server
Hi,
I have the following problem with Checkpoint logging.

Here are details of my installation:
Unit 1:
NGX R61 running on Secure Platform
Installed with Checkpoint VPN-1 Express, SmartCenter Server and Eventia Reporter

Unit 2:
NGX R61 running Secure Platform
Installed with Checkpoint VPN-1 Express (enforcement gateway/module)
SIC configured and unit 1 and unit 2 working properly (rules, NAT, etc) can be configured.

Problem:
Unit 2 is not pushing logs to unit 1 (which is also the log server).

Detailed description:
1. I have 2 checkpoint installations. One is installed with VPN-1 Express and SmartCenter Server (plus eventia reporter). The other is installed with only VPN-1 Express (enforcement module installation). This second unit is be managed by the first unit. When the second unit was installed, I have defined the SIC and communication between these 2 units are fine. I am able to push the rules, etc from the SmartCenter to this enforcement gateway.

2. However, the enforcement gateway is not sending its logs to the SmartCenter. I have checked the settings in the enforcement gateway’s properties and its Additional Logging, Masters and Log Servers settings are already pointing to the Smart Center (this was automatically added during the installation of the enforcement module). However, the logs are not being sent to the SmartCenter. This causes me not able to use Eventia Reporter to generate reports for the enforcement gateway’s network traffic.

3. I have checked the knowledgebase and followed the guide explained in this page: https://secureknowledge.checkpoint.c....do?id=sk30891 but it does not work (I know that this article does not apply specifically to my case but the symptoms are similar).

4. My main concern is that I have installed Eventia Reporter in the SmartCenter Server (unit 1) and I would like to create reports for network traffic that goes through the second unit (enforcement module/gateway). But since the log of the second unit is not sent to the main unit, the report generation fails (No Relevant Data when I generate the report).

5. Communication between the main checkpoint and the enforcement gateway is not restricted (2 units are separated by a router and all traffic is allowed between these 2 units).

6. I have also checked the Global Properties as mentioned by the article in (2) but it does not help.

What else can I do to make sure the log is saved into the SmartCenter server (unit 1)? Thanks.
Reply With Quote