This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
raos
Explorer
‎2023-03-18 02:37 PM

query rules in checkpoint securemote

hello experts,

i am newbie 

need to learn how to query rules in secuRemote

a url enabled in BigIP F5

find various hops happening in secuRemote until my request reaches the internet

inputs appreciated !

thanks!

rao

 

0 Kudos
6 Replies
PhoneBoy
Admin
Admin
‎2023-03-19 08:18 PM

Not sure what you mean by “rules” in this context.
What is the precise issue you’re having?

Not sure how an F5 box relates here.
Please state versions of all related Check Point components (gateway and client) and provide a network diagram.

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2023-03-19 08:30 PM

Hey @raos ...welcome to the community! Just to make it easier for everyone, we always appreciate when people provide as many details as possible. As @PhoneBoy indicated, it would be nice if you could tell us exactly what you are exactly trying to do here, ie what rules are you referring to? Only rules I can think of when it comes to secure client would be secure client verification feature, unless you are referencing something related to regular security rules.

Also, I believe F5 is mostly used as load balancer, so not sure how thats releted in thos context. And yes, simple diagram helps, even if you draw something basic in paint in windows : - )

Cheers mate.

Andy

Best,
Andy
0 Kudos
raos
Explorer
‎2023-03-21 11:03 AM
In response to the_rock

thank you for the follow up team

my bad for the incomplete info in the prior post.

Let me try to explain.. 

To enable single sign-on for an application, I have these tools in place..

LTM, APM in BigIP F5 - virtual server, policy are defined in here

       - I have access to these

route53 in AWS - dns records are in here

      - I can verify with nslookup

checkpoint VPN / secuRemote  - publicIP is mapped with the internal IP defined in LTM BIG IP F5

    I do not have access to checkpoint vpn / secuRemote

            - how to query / view the contents of checkpoint appliance

 

Q - To make sure all above components are configured correct, I need to view the contents defined in checkpoint/secuRemote appliance.

 

Is there similar way like

-- powershell to query / view AD objects

-- ldapsearch to query / view openLDAP etc

 

inputs appreciated

0 Kudos
PhoneBoy
Admin
Admin
‎2023-03-21 11:42 AM
In response to raos

The only thing you can get on the client itself is the encryption domain (i.e. the destinations the client will send across the VPN).
This can be found by simply reviewing the routing table before and after connecting to the remote site.

In terms of reviewing the configuration on the gateway itself, there are multiple ways to do this.
However, all of them require explicit access being granted to the Check Point management to do it (either with SmartConsole, API, CLI, etc). 

raos
Explorer
‎2023-03-23 04:58 PM
In response to PhoneBoy

Thank you for the details.

Curious, is there any way I can connect via Postman (API) to the gateway and trigger a lookup or query. Please review below..

I can request my network team to create - Read Only account in gateway

In Postman tool plug-in above read only cred's

Trigger a lookup query against gateway.

 

Inputs appreciated !

 

0 Kudos
PhoneBoy
Admin
Admin
‎2023-03-23 06:11 PM
In response to raos

There isn’t a formal API to query the contents of the installed policy on the gateway.
The only possible way to do this is run-script to execute the necessary CLI commands.
Whether these commands contain the information you’re looking for is a separate question.

As stated previously, the best way to do this is through access to the management server API.
It is possible to grant read-only access to it.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events