I was just wondering whether do we have a method in Check Point GW to retrieve the actual encryption key and authentication key for a given IPSec S2S VPN? I am trying to decrypt an ESP TCPDUMP in Wireshark tool with the help of actual keys.
There is a way in Fortinet FW which I know of to retrieve the encryption & authentication keys so that we can the ESP packets decrypted in Wireshark. I am just trying to figure out whether this is possible in Check Point or not? Or do we have to take VPND (User space) debugs for that?
Thanks in advance!