Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jose_Ramon_Rodr
Participant

How can a specifc VS be reached from a SmartCenter with the sk103154 script?

Hi.

We are trying to implement the sk103154:

How to block traffic coming from known malicious IP addresses

We got to send from a SecurePlatform SmartCenter (no MDS) the script to the Gaia firewall VSX 0 but we haven't found the way to send it to another VS under it. If we specify the name of the firewall in SmartDashboard it doesn`t work. The IP of the Gateway Object of those specific VS aren't reacheable for the SmartCenter.

Any ideas?

Thanks.

0 Kudos
7 Replies
Danny
Champion Champion
Champion

Hi, your SmartCenter is still running on SecurePlatform? Time for an upgrade mate.

However, you can't login into a VS directly. So you need to adjust the script to login into the vs0 first and then change to the relevant VS id.

0 Kudos
Jose_Ramon_Rodr
Participant

Actually, it's the lab environment: in production we have recent hardware and software versions and probably won't have this issue becouse I hope we'll be able to reach the gateways by their names. But we wanted to test the solution previously there.

I'll study the script, thank you.

0 Kudos
Jose_Ramon_Rodr
Participant

By the way... that adjustment in the script should be done also in production environment if it has MDS to VSXs? Or it is just with SmartCenter to VSX?

Thanks.

0 Kudos
Danny
Champion Champion
Champion

It's the same in your production environment as you can't login into a VS directly.

0 Kudos
Jose_Ramon_Rodr
Participant

So sk103154 script only works in stand-alone environments where management server can reach directly the firewalls, doesn't it?

0 Kudos
Maarten_Sjouw
Champion
Champion

What type of script are you actually trying to run on the VS? It may help us help you to know what you are trying to achieve, is it the block_IP script from that SK or is it something else?

Maybe you should look at cprid_util, a tool to run commands/scripts from the management server. see SK106490

Regards, Maarten
0 Kudos
Jose_Ramon_Rodr
Participant

It's the SK script. We made it work but only connected with the VS 0: we couldn't give the VS X as an argument via the text file where you assign the gateways you want to be covered by it.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events