authenticated mode of fw loggrabber for NG using ssl_opsec

[crashpoint]

hi

i am implementing fw1 loggrabber 1.11.1 linux version for pulling logs from checkpoint NG firewall. As per the man page of fw1 loggrabber I tried out connection via unauthentication and it work perfectly.

Then when i tried using ssl opsec for authentication and followed the steps in the man page as

created SIC object and add the CN and create the activation key for pulling certificate

know the server DN name

use fw putkey -ssl -p <pwd> <client ip> at firewall and bounce it

on the client side i modified my lea.conf file as follows

lea_server ip <ip>
lea_server auth_port 18184
lea_sever auth_type ssl_opsec
opsec_sslca_file /usr/bin/fw1-loggrabber/bin/opsec.p12
opsec_sic_name "CN=<client name>,O=proliant60..k6qsw8";
lea_server opsec_entity_sic_name "cn=<server name>,o=proliant60..k6qsw8"

using the opsec tools put in the key as

opsec_putkey -ssl -p <pwd> <server ip>

and certification pull command

opsec_pull_cert -h <server ip> -n <client name> <activation key>

I got the message saying key saved to certificate and lead to creation of opsec.p12 in my directory /usr/bin/fw1-loggrabber/bin

then when i issued the comand "fw1-loggrabber --online" i did not get any output and the command prompt was returned back. The return status of last command when i checked via echo $? i got output 0

I am not able to figure out where i went wrong. Can anyone please help me out here? Thanks in advance.

bye