| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
| |||
| Hi all, Just wondering if anyone else has had an issue like this. Basically my CP management server receives logs from a number of FW enforcement points. All appears to be working correctly, but for one enforcement point not showing any logs or traffic in the tracker. The enforcement point is set to send logs to the management server, it can ping the management server and so on. The enforcement point is a Nokia IPSO so I was wondering is there a way to tell if this device is even generating logs. Thanks |
| |||
| Can you ping the Management station from the firewall that isn't logging? You may need rules to allow this. Can you ping the other way around? Again, may need rules. Can you push policies to the firewall? Can you fetch policies? You can do a tcpdump on the Nokia to see if it's trying to send the logs to the management station... i.e. tcpdump -i eth1 port 257. I used eth1 for my interface name, yours may be different. Use the interface that is pointing to the management station. Where is the management station in location related to the firewall? Is it directly connected, is it behind another firewall? Is it accessible to the firewall? Did this firewall ever log to the management station? Is the log file on the Nokia growing? You can check this by changing to $FWDIR/log and running an ls -al, checking the size of the fw.log file and running the ls -al command again and rechecking the size. Last edited by Lackie; 2005-11-07 at 11:27. |
| |||
| Hi Lackie, Yes I can ping both ways. I can also push new rules and settings to the firewall from the management server. I will try the dump once I confirm the physical relationship. Not sure if it has ever logged as I have not been looking after the checkpoint system very long (I am in the deep end). The log file is growing but there is no information from this one enforcement point. The log contains entries from other enforcement points. Thanks |
| |||
| Hi all, This has been resolved by creating another fw object set up with logging on it and pointing the fw enforcement point to this new object. The interesting thing is that under the topology of the other FW management object that was not receiving logs the IP address had been manually added to the topology - but obviously was not working as one would expect. Thanks all |