authentication failure

**PeterSmith78** · 2018-10-31

I know this isn't strictly a Checkpoint question but I'm trying Manage a policy on a Checkpoint Management server running R80.20 on a GAIA platform and I'm trying to deploy an Alogsec 2063 running version 2017.3. I can ssh from the Algosec to the Checkpoint Management server OK however when I try to connect using Algosec's "add new device" wizard I get "permission denied". I've looked at /var/log/messages on the Checkpoint but can't see anything there. I've contacted Algosec support with no success. Just wondered if anyone else has had similar issues?

**jflemingeds** · 2018-10-31

is it trying to login via ssh or via CPMI? If ssh maybe try changing the shell to bash. if CPMI i would check the audit logs.

oh.. or API i forgot about that. I think by default the API is only allowed to be used by localhost and you have to change that.

**PeterSmith78** · 2018-10-31

ok many thanks I will change shell to bash and see if that works

**jflemingeds** · 2018-10-31

If that doesn't help do a packet capture on the checkpoint device and see what service algosec is trying to use. From there it should be a little more clear on what to do.

something like..

tcpdump -ni $interacename host $ALGOSEC

replace $interfacename with the interface algosec is trying to talk to and $ALGOCSEC with the IP of the algosec server.

**Bob_Zimmerman** · 2018-10-31

I think you actually need two 'n' switches. The first one stops reverse domain lookup for IP addresses, while the second stops port lookup in /etc/services.

tcpdump -nni $interfacename host $ALGOSEC