Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ashish_verma
Contributor

Packet Flow in Checkpoint Firewall

Jump to solution

Hello All,

I am very confused with the packet flow of checkpoint firewall. I have seen in many places fw ctl chain is referred to understand the packet flow but I am not able to interpret it.

Could someone please help me in understanding the packet flow in terms of

SAM

IP spoofing

Policy lookup

Dst NAT

route lookup

Src NAT

VPN

etc..

Even better if we can connect it with the output of fw ctl chain

I would really appreciate any comment.

0 Kudos
1 Solution

Accepted Solutions
5 Replies
Jerry
Leader
Leader

here you find everything (almost!) what you need reg. the CP packet flow:

sk116255

also Heiko Ankenbrand‌ posted some very useful diagrams recently ... look them up here Smiley Happy

Jerry
0 Kudos
Jerry
Leader
Leader
lance2022
Explorer

Hi Jerry,

I know it's an old post, but do you happen to know any other link which might help me to see those packets get dropped.

e.g: when the initial packet enters the slow path and gets dropped due to a missing firewall policy, how can I look this up.

if I run fw mon, I would only see the packet "i", but it has two places where the packet could get discarded. how to know it got discarded due to policy and not "drop template".
thanks a lot
Lance (Sonicwall :))

0 Kudos
_Val_
Admin
Admin
0 Kudos
ashish_verma
Contributor

Thank you Very much to all of you. Got the answer. Thanks again