Deleting IKE/IPsec security associations of established VPNs is an inevitable part of any VPN-related debug. The standard tool promoted by Checkpoint (take CCSA, CCSE, etc.) is vpn tu, which nevertheless has always had a very annoying bug (feature?) – you can delete ALL VPN tunnels at a time and none individually!! It indeed presents option [...]
23
2008
21
2008
Autologin Expect scripts for telnet/ssh
Tired of typing your username/password over and over when using
telnet/ssh? Here are Expect (http://expect.nist.gov/) scripts to autologin by telnet and ssh.
Notes:
- Yes, it is not secure to keep your username/password saved somewhere, so know
what you do. In my opinion as long as this
is a server dedicated to remote logins, that has no access [...]
15
2008
SSH session timeout in Checkpoint NG/NGX
Ever found yourself swearing when, in the middle of a fw monitor / debug session, you got abruptly thrown out on session timeout? Me too. While naively thinking the ssh timeout is managed by sshd/ssh configs, I was surprised to learn CP did it their way.
It turned out that here we get the definitions for interactive sessions: cat /etc/bashrc
<CUT>
# By default, [...]
10
2008
Telnet from inside Checkpoint firewall
Yesterday I saw a strange problem – connections from outside to Exchange in a LAN timed out, while in Tracker all connections to port 25 were in green. What was strange was that through client-to-site VPN and from inside the LAN all worked perfectly well. So I wasn’t 100% sure it wasn’t a firewall causing this. The next [...]
6
2008
eSafe defaults and some debug commands
Like any other box, eSafe comes with some default configs. Much to my surprise, it takes too long to find them in the eSafe docs, so here they are:
eConsole TCP port: 43970
eConsole UDP port: 43982
Webmin TCP port: 37233 - https to eSafe, when installed on Linux [last eSafe to support
Windows was eSafe 6 FR2] [...]
6
2008
find quicky
The few find templates I find useful in a day-to-day job.
The ones below were of great help when I had to clean an eSafe that had more
than 100,000 files in the spool! So the usual shell wildcard expansion didn’t work
(try to do ls in a folder with 130000 files). So I removed [...]