All modern operating systems today provide extensive logging facilities, and Linux, on which Checkpoint products are based, is no exception. I talk about the SSHD daemon logs, not the Secure Rules logs. The SSHD logs, located in /var/log/, are rotated by default every 4 logfiles. I found it very useful to …
Updated: 07 July 2020. This is a quick reference sheet of all usable options for the fw monitor tool. At the end I put a list of fw monitor examples. Previous experience with the tool is assumed; I'll just say that if you are serious about debugging Checkpoint products …
You may need to download a remote file (usually an IOS image, but anything goes) to the Cisco router via HTTP. The command is simple, but be aware of a few caveats: Router# copy http[:full URI specification] flash[: local path to save the file] The caveats you should know: - router first …
You can get mail alerts on SSH login to any Linux server using the script below. This script sends mail to a predefined email address each time someone successfully logs in by SSH to the machine. I take advantage here of the built-in feature of the OpenSSH daemon – if you create …
Update 2022: This article was written for UTM-1 appliances, the first appliance offered by Checkpoint in 2009. It is no longer available, nor does it exist anywhere, to the best of my knowledge. The procedure of reinstalling a Checkpoint appliance (new ones) has changed and become much easier. So, see this article …
Linux, Windows, FreeBSD, Solaris, CISCO routers (IOS), Juniper routers (JunOS). Ping. Many times while debugging network problems of various kinds you need to send packets of a desired size with the don’t fragment bit set. I list below how to do it for the different equipment/OSes. Let’s …
A funny case of WYSIWYG misleading the uninitiated. The case involved a seemingly normally functioning Checkpoint firewall which, after a client created a rule to allow FTP from any to his server in the DMZ (no NAT involved), nevertheless refused to allow connections. The client, being quite experienced himself, entered SmartViewTracker did filter …
Note: This post was written for FortiOS version 2.8 and 3.x, so some commands have changed; for updated debug steps please read Failed to connect to Fortiguard servers verification and debug updated. Today I encountered an otherwise easy to diagnose misconfiguration, only that Fortinet decided to 'hide' this parameter …
Sometimes you can't set duplex/speed settings of the Fortigate interfaces. Important note: it depends on which interface you are trying to set! Upon careful examination it turns out that you can't set duplex/speed settings of 4-port switch interfaces only, i.e. the Internal interface of Fortigate 60, 60M, 100A, 200A, and …
Problem: The enterprise is under a Denial of Service attack (DDOS) that brings down key elements of the business or the whole network altogether. Tracking the attacker is the first step in handling the attack, and unless the flood is coming from inside (most probably not in a well managed …