CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 2 of 2

Thread: tcpdump on X-80 vapgroup

  1. #1
    Join Date
    2013-02-06
    Posts
    2
    Rep Power
    0

    Default tcpdump on X-80 vapgroup

    I am having issue with tcpdump executed in a vapgroup on X-80. The filters src; dst; proto; host are not working. I can only run the command on a specific interface and grep for the needed IP address but this is not very effective... i just need to be able to sniff for traffic b/w specific src and dst..

    I will appreciate any advice if the command is intentionally limited or there are some other options and arguments to run it. :)

    the Checkpoint version running on the APM is Check Point VPN-1(TM) & FireWall-1(R) R75.40 - Build 275.
    It is not VSX, only 1 firewall is running on our APM.

  2. #2
    Join Date
    2014-04-04
    Posts
    1
    Rep Power
    0

    Default Re: tcpdump on X-80 vapgroup

    Old thread, but hey - you get an answer :)

    If you are trying to capture traffic on a particular VLAN interface you will have to add the VLAN key word, with the "AND" and whatever other filters you need. For example use the following command to capture traffic too and from host 10.108.64.64 on interface int2.101 :-

    tcpdump -i int2.101 vlan and host 10.108.64.64

    Without the VLAN keyword you will not see any traffic.

Similar Threads

  1. tcpdump problem
    By r_balest in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 6
    Last Post: 2013-07-28, 20:28
  2. Does this tcpdump result has any error?
    By shmilyh in forum Check Point SecurePlatform (SPLAT)
    Replies: 5
    Last Post: 2009-07-22, 13:02
  3. tcpdump syntax...
    By evo22 in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 3
    Last Post: 2008-01-15, 13:38
  4. tcpdump on SPLAT
    By dsundar in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 2
    Last Post: 2007-06-18, 09:39
  5. Tcpdump question?
    By klouse in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 4
    Last Post: 2006-08-31, 15:49

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •