This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gabriel_Support
Contributor
‎2018-11-07 05:37 AM

Syslog Over TCP

Hi Team,

I know by default syslog uses UDP 514, is there a way to enforce TCP use when sending logs from the checkpoint side?

I am thinking since syslog uses both TCP and UDP and the port number is the same, if the syslog server is configure to accept only TCP, checkpoint should be able to work with that.

If there is a way to force checkpoint to send the logs over TCP, please let me know.

3 Replies
JozkoMrkvicka
Authority
Authority
‎2018-11-07 02:09 PM

Create NAT rule?

Original Source: firewall

Original Destination: Syslog server

Original Service: udp_514

Translated Source: original

Translated Destination: original

Translated Service: tcp_514

Kind regards,
Jozko Mrkvicka
0 Kudos
Gabriel_Support
Contributor
‎2018-11-08 05:29 AM
In response to JozkoMrkvicka

Well, implied rules come first before any other rules so that mean--I have to disable the implied and create explicit rule. 

Checkpoint should be able to decide what services it should use base on the server setting--if the server is configure to use tcp 514--send logs using that but I dont think it do--which is sad to say.

0 Kudos
Marcos_Vieira
Contributor
‎2022-03-24 06:22 AM
In response to JozkoMrkvicka

Sorry, but NAT does not work this way. It can change port numbers, but not protocols. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top