CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3, 9/7.
2. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
3. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > SmartDefense
Reload this Page Stormc prob - quick one
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2006-02-03
philofish philofish is offline
Member
  
Join Date: 2006-01-07
Posts: 32
Rep Power: 0
philofish has an average reputation (10+)
Default Stormc prob - quick one
Dear All

Have installed and setup the stormc file on the enforcement module etc etc

This is purely for pulling down the Block list not uploading logs

I get the following in smartview tracker

StormAgentName CPDShield: CPDShield
StormAgentAction: Reteiving IP block list
StormAgentMsg: failed to retrieve URL

Now i take it that Dshield wouldn't have updated the URL to point to somewhere else? I have been to the site and can indeed see the text file, which is a different URL to that in the stormcenters.conf file - is it just a case of modifying that file? HTTPS and HTTP etc are allowed

Many Thanks
Reply With Quote
  #2 (permalink)  
Old 2006-02-04
chillyjim chillyjim is offline
Senior Member
  
Join Date: 2005-08-29
Location: Upstate NY
Posts: 1,648
Rep Power: 5
chillyjim has an average reputation (10+)
Send a message via AIM to chillyjim Send a message via Skype™ to chillyjim
Default Re: Stormc prob - quick one
This is the firrst thing I've found...

To enable the Security Gateway to connect the Storm Center:

1) Configure an explicit rule for the Gateway to connect to the Storm Center.
2) Enable "accept outgoing packets originating from gateway" in Global Properties.
3) Install the Security Policy.

and.....

DShield.org has recently changed their web site SSL certificate with a different CA vendor, which has invalidated the root CA certificate that is originally included. The solution at present is to replace the root CA certificate on the firewall module and update the reference in the objects database:

1. Make a backup fo the %FWDIR%\conf\equifax.cer from the firewall module.
Remove the file %FWDIR%\conf\equifax.cer from the firewall module.

2. Copy the attached 'GTE_Root_CA.cer' to %FWDIR%\conf on the firewall module.

3. Stop the SmartCenter Server with 'cpstop'.

4. Backup and modify the %FWDIR%\conf\asm.C file and modify the following line:

storm_center_list:DShield:certificate_filename - change 'equifax.cer' to 'GTE_Root_CA.cer'.

5. Run 'cpstart' on the SmartCenter server.

6. Install the Security Policy to the gateway.

7. Run 'fwstop -proc' on the firewall module and then 'fwstart'.

----------------

I don't have access to the cert. You can open a call with support and get a copy.
Reply With Quote
  #3 (permalink)  
Old 2006-02-10
manfernandez manfernandez is offline
Junior Member
  
Join Date: 2006-02-10
Posts: 3
Rep Power: 0
manfernandez has an average reputation (10+)
Default Re: Stormc prob - quick one
Support with Checkpoint? Or should we send an eMail to DSHield?

Thanks
Reply With Quote
  #4 (permalink)  
Old 2006-02-11
chillyjim chillyjim is offline
Senior Member
  
Join Date: 2005-08-29
Location: Upstate NY
Posts: 1,648
Rep Power: 5
chillyjim has an average reputation (10+)
Send a message via AIM to chillyjim Send a message via Skype™ to chillyjim
Default Re: Stormc prob - quick one
I'd try both if you have a CHKP support contract.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 14:29.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0