Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
nflnetwork29
Advisor
Jump to solution

How do recreate masters file ?

I'm trying to follow sk146112 however my masters file will not update . is there any way i can recreate this file ?

I've tried everything . please advise. 

 

Ruining R81.10 Take 81

0 Kudos
1 Solution

Accepted Solutions
nflnetwork29
Advisor

HI @PhoneBoy 

 

Because my MDM and MDLM are external to the gateway in this scenario. 

We are using static NAT on the mgmt. and LOG objects. 

The gateway is sending logs tcp/257 to the private ip of the MDM and MDLM. This is not going to ever work . It HAS to be the NAT'd IP address (Public IP) 

 

That being said i got it working . I created a dummy object in smart consoled and used that for the logging destination . its working . 

View solution in original post

0 Kudos
8 Replies
the_rock
Legend
Legend
0 Kudos
nflnetwork29
Advisor
Symptoms
  • $FWDIR/conf/masters file on Security Gateway was modified manually. However, this file is overwritten during each policy installation.

just want to say that it does not appear that my masters file is being overwritten ....

ive modified the masters file but when i  run the following for example "tcpdump -nnei any port 257"

it does not reflect these changes

i tried to delete the file but it does not allow me to do that  

0 Kudos
the_rock
Legend
Legend

The link I gave gives steps to preserve manual changes. Isnt that what you want to achieve?

0 Kudos
nflnetwork29
Advisor

that is working. i have no problems with the masters file being overwritten 

 

the problem is that its still not working . 

0 Kudos
the_rock
Legend
Legend

Sorry, not trying to be difficult, but what is NOT working? Firewalls are not logging to mgmt server or something else? Can you provide content of masters file?

0 Kudos
PhoneBoy
Admin
Admin

When you say "tried everything" what precise steps did you take?
What result did you expect?
What happened instead?
Pretty sure modifying this file requires a cprestart, or at the very least a policy install action.

A better question is: why are you modifying this file in the first place?
There is generally ways to accomplish what this file does via SmartConsole configuration.

0 Kudos
nflnetwork29
Advisor

HI @PhoneBoy 

 

Because my MDM and MDLM are external to the gateway in this scenario. 

We are using static NAT on the mgmt. and LOG objects. 

The gateway is sending logs tcp/257 to the private ip of the MDM and MDLM. This is not going to ever work . It HAS to be the NAT'd IP address (Public IP) 

 

That being said i got it working . I created a dummy object in smart consoled and used that for the logging destination . its working . 

0 Kudos
PhoneBoy
Admin
Admin

The Dummy Object workaround used to be documented here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
It is still listed in the internal comments, but it shouldn't be necessary in current versions...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events