Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
vas
Contributor

Checkpoint logging

Hi Experts,

We've a pair of checkpoint firewalls (A) which is about to forward logs to MLM via another checkpoint firewall (B) in the path.

As there is another checkpoint firewall in the data plane, will it be considered as a new connection (Source is Firewall A, Destination is MLM on TCP/257) and exhaust the connection table?

Please assist. Thank you.

0 Kudos
2 Replies
_Val_
Admin
Admin

1. It will be considered a new connection.

2. It will definitely NOT exhaust the connection table anywhere, the log transfer is very economical, as multiple logs are transferred through a continuous TCP session. The session is only reopened if communication fails. 

What is your concern?

0 Kudos
the_rock
Legend
Legend

Definitely should not have an issue. Make sure that on gateway settings in dashboard, when you edit the object, under optimization on the left, its selected to "automatically", as that would let firewall handle amount of connections on its own, based on memory, cpu etc. If I were you, I would ensure thats selected on any "affected" firewall.

0 Kudos