https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213812#M4744 <P>You can ask TAC for an official answer to this, but I believe what&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/7">@PhoneBoy</a>&nbsp;said is true. Now, keep in mind one thing, you canNOT ssh to cloud mgmt instance yourself, thats not allowed. You can open API instance, but its limited as far as things you can do. Also, you can restart it yourself ie cpstop;cpstart, but only TAC can do an actual reboot.</P> <P>Andy</P> Thu, 09 May 2024 22:29:28 GMT the_rock 2024-05-09T22:29:28Z https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213789#M4742 <P>Hi,<BR /><BR />We have a following setup:<BR /><BR />Two Checkpoint clusters - one in Azure, one on premises. They are connected via the VPN.&nbsp;</P><P>We have built a log server in Azure, and would like to send the logs from the on premises boxes to this log server.&nbsp;<BR /><BR />However, the logs are not arriving on the log server, they aren't even arriving on the Checkpoints in Azure - they seem to be blocked by the implicit rule.&nbsp;</P><P>We don't have a management server, we use Smart Cloud.&nbsp;<BR /><BR />We edited the masters file to point the on premises logs to the internal IP of the log server, rather than the Smart Cloud IP, however the logs still seem to be send out to the log server's Smart Cloud IP (according to the logs in Smart Console).&nbsp;<BR /><BR />Is there any way to make it work? I found a way to override the implicit rule, but this is only applicable to the SMS server, which we don't have.&nbsp;<BR /><BR />Regards,<BR />Sandgirl</P> Thu, 09 May 2024 15:29:38 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213789#M4742 Sandgirl 2024-05-09T15:29:38Z https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213795#M4743 <P>Smart-1 Cloud-managed gateways can only send logs to Infinity Portal.<BR />This is by design.</P> Thu, 09 May 2024 15:53:10 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213795#M4743 PhoneBoy 2024-05-09T15:53:10Z https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213812#M4744 <P>You can ask TAC for an official answer to this, but I believe what&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/7">@PhoneBoy</a>&nbsp;said is true. Now, keep in mind one thing, you canNOT ssh to cloud mgmt instance yourself, thats not allowed. You can open API instance, but its limited as far as things you can do. Also, you can restart it yourself ie cpstop;cpstart, but only TAC can do an actual reboot.</P> <P>Andy</P> Thu, 09 May 2024 22:29:28 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213812#M4744 the_rock 2024-05-09T22:29:28Z https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213907#M4749 <P>Hey Sandgirl,</P> <P>Just out of curiosity, I remembered this post when I spoke with escalation guy about a different case and he confirmed what&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/7">@PhoneBoy</a>&nbsp;said is indeed the case, so it is by design.</P> <P>Have a nice weekend.</P> <P>Andy</P> Sat, 11 May 2024 12:56:47 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Sending-checkpoint-logs-over-the-VPN-to-the-log-server/m-p/213907#M4749 the_rock 2024-05-11T12:56:47Z