HansKazan
Contributor

Question regarding logging for remotely managed Gateway used for S2S VPN

Hello CheckMates

I have to establish a VPN S2S tunnel with a remotely managed CP-GW. To prepare, I have simulated the environment in my lab (R81.20 JHF 84) and noticed that no amount of NAT or packet manipulation let my "on-prem" SMS receive the logging originating from the VPN-GW.

After following this sk, it worked.
https://support.checkpoint.com/results/sk/sk111954

This leads me to the following questions below.

  • Could someone please elaborate how and why this works on a technical level and if a more modern approach exists that I may have overlooked if the modern answer deviates from what is written in the sk?
  • Additionally, what change or impact does this change to the implied_rules.def file have for the locally managed CP Gateways? How does the functionality of log connections change, if at all, and what steps should then be taken?
  • Furthermore, why does port:257 not show up in the logging after the connection between the VPN-GW and SMS is established? Is it encapsulated in another protocol?

Thank you for your valuable time and input as always!
