Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ashish_verma
Contributor
Jump to solution

Packet Flow in Checkpoint Firewall

Hello All,

I am very confused with the packet flow of checkpoint firewall. I have seen in many places fw ctl chain is referred to understand the packet flow but I am not able to interpret it.

Could someone please help me in understanding the packet flow in terms of

SAM

IP spoofing

Policy lookup

Dst NAT

route lookup

Src NAT

VPN

etc..

Even better if we can connect it with the output of fw ctl chain

I would really appreciate any comment.

0 Kudos
1 Solution
7 Replies
Jerry
Mentor
Mentor

here you find everything (almost!) what you need reg. the CP packet flow:

sk116255

also Heiko Ankenbrand‌ posted some very useful diagrams recently ... look them up here Smiley Happy

Jerry
0 Kudos
lance2022
Explorer

Hi Jerry,

I know it's an old post, but do you happen to know any other link which might help me to see those packets get dropped.

e.g: when the initial packet enters the slow path and gets dropped due to a missing firewall policy, how can I look this up.

if I run fw mon, I would only see the packet "i", but it has two places where the packet could get discarded. how to know it got discarded due to policy and not "drop template".
thanks a lot
Lance (Sonicwall :))

0 Kudos
Timothy_Hall
Legend Legend
Legend

Command fw ctl zdebug + drop will show you all live packet drops in both SecureXL and the INSPECT Firewall Instances and why.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
_Val_
Admin
Admin
0 Kudos
ashish_verma
Contributor

Thank you Very much to all of you. Got the answer. Thanks again

Waver
Explorer

👍

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events