Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Libor_Kovar
Contributor

Gaia Embedded predefined network objects meaning and details

Hello, where to find a definition of above ? For example "LAN networks", "VPN Remote access".

Mostly used in Standard policy, but I want to use them in manual rules.

Thanks

 

9 Replies
G_W_Albrecht
Legend Legend
Legend

You can double-click them to get the details !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Libor_Kovar
Contributor

Thanks for a reply, however how could I double click on them, they are not in objects list, only in Auto generated rules and in a selection list in for the manual rule.
0 Kudos
Libor_Kovar
Contributor

I mean PREDEFINED network objects
0 Kudos
Libor_Kovar
Contributor

... and the locally managed gateway
0 Kudos
G_W_Albrecht
Legend Legend
Legend

You only wrote"Predefined Network Objects" and i thought you mean the ones found in Users & ObjectsNetwork Resources > Network Objects: Create and edit network objects that will be used in the device's feature configuration.

Maybe you can post a screenshot showing your predefined network objects ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Libor_Kovar
Contributor

 

One can use them also in manual rule building.

Many thanks for replies

0 Kudos
G_W_Albrecht
Legend Legend
Legend

UTM600_predefined_objects.PNG

 

 

 

 

 

This is from Device > Network > Local Network and can be edited using a Double-Click.

I would suggest a good read to learn more : Check Point 600/700 Appliances Administration Guide R77.20.80 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Libor_Kovar
Contributor


Thanks for your reply. Honestly I expected something like : "look at $FWDIR\conf\objects.C" , not RTFM.

I wonder whether you can find in places you mentioned the exact difference between predefined objects like "VPN Remote Access" and "All identified users".

Why I am asking is not so trivial: fighting with 1590 app at 80.20.

Because I am not sure what LAN networks EXACTLY mean when used in standard policy, I decided to move to strict policy and replicate ther rules manually (My LAN networks consist of few port based network with VLAN on the most of them and Standard policy just allows LAN NETWORKS -> Any : Accept)
When I try to replicate my VPN Remote Access rule manually, when I use"VPN Remote Access" as a source, it ends with error 0351, which means as of google: unable to install policy, you have mess in object names (Which I don't have). When I put for example "All identified users" there, it works. For debugging it , I need to know predefined objects details.

Anyway, I appreciate your effort to help me.I will put it on a paid support.

Best regards LK
0 Kudos
G_W_Albrecht
Legend Legend
Legend

Strict policy will make much more troubles than gain, as i have learned from long experience - SMB locally managed should be just configured with only minimum effort using standard policy and build-in objects, and everything will run smoothly. Remember that this is Embedded GAIA only, and not GAiA with Dashboard and its possibilities !

Looking into $FWDIR\conf\objects.C is interesting, but mostly not helpful at all; since R80.xx all configuration is kept in SQL database instead of objects.C, and on SMB devices, there never was any objects.C file.

So the best to do IS always RTFM first and - in case of difficulties - contact TAC by chat to get a quick resolution.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events