This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
007_mjn
Contributor
‎2023-03-30 10:03 PM

Not receiving logs on management server

My gateway is connected through Public IP address to Management server  and I can't receive logs on management server.

what's the best solution to get logs from gateway to management server.

0 Kudos
11 Replies
PhoneBoy
Admin
Admin
‎2023-03-30 10:13 PM

A simple topology diagram would be helpful, including any device performing NAT.
The version/JHF level of relevant components is also helpful.

0 Kudos
007_mjn
Contributor
‎2023-03-30 11:38 PM
In response to PhoneBoy

The JHF version are up to date and  No Nat rule used.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2023-03-31 06:01 AM
In response to 007_mjn

So that we understand both the Management & Gateway have public IPs?

CCSM R77/R80/ELITE
0 Kudos
007_mjn
Contributor
‎2023-04-05 04:07 AM
In response to Chris_Atkinson

No, Gateway have public IP and Management have private IP.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2023-04-05 04:55 AM
In response to 007_mjn

In this case some form of NAT is most likely required for the communication path to succeed.

Some additional useful commands depending on the specifics may include:

show security-management

set security-management local-override-mgmt-addr "true" mgmt-address "<ip>" send-logs-to "<option>"

CCSM R77/R80/ELITE
0 Kudos
007_mjn
Contributor
‎2023-04-05 10:13 PM
In response to Chris_Atkinson

I have ten firewall connected to this management server in which 8 are connected through MPLS and 2 are connected through public IP. the firewall connected through MPLD are properly working but Public IP gateway don't send logs to management server.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2023-04-05 10:30 PM
In response to 007_mjn

Please see:

https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_SecurityManagement_AdminGuid...

CCSM R77/R80/ELITE
the_rock
MVP Diamond
MVP Diamond
‎2023-04-06 05:02 AM
In response to 007_mjn

I agree with Chris 100%...the link he gave you is most likely what you need to follow.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2023-03-31 06:32 AM

Did this ever work? Can you make sure below is enabled?

 

Screenshot_1.png

 

Screenshot_2.png

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
007_mjn
Contributor
‎2023-04-05 04:06 AM
In response to the_rock

yes both are enabled and I have SMB box 1530.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2023-04-05 05:53 AM
In response to 007_mjn

I think as @PhoneBoy suggested, simple diagram would help (even basic windows paint drawing would do honestly).

Cheers,

Andy

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events