Browsing All Posts published on »August, 2011«

fw monitor – the missing table

August 22, 2011

0

For the fw monitor Checkpoint has wrote a dokumentation with the name fw_monitor_rev1_01.pdf. This document is old and – I guess – was never updated with the missing features that can be used to filter with fw monitor. There is a table that I got actually from the site: http://yurisk.info/2009/12/12/fw-monitor-command-reference/ I just copy it here […]

Certificate mapping to anyconnect tunnel-group II. – Special mapping

August 22, 2011

0

The users connects with Anyconnect client with IPSec to the ASA firewall. Lets say we have 2 Certificate Authorities (with the issuername IssuerA and IssuerB) and the users are mapped to tunnel-groups according to the issuer. A user called Terry Wood needs SSL as he works in a Hotel and the local proxy enables only […]

Checkpoint firewall debugging basics

August 9, 2011

0

To debug a checkpoint firewall is not a big deal, but to understand the output is in many cases imposible for those NOT working at Checkpoint. I write here not about the exact analysation with debugging, just a ‘how to collect the required informations’ that may speed up the troubleshooting. 1. Reset the debugs to […]