This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
HeikoAnkenbrand
Champion Champion
Champion
‎2020-09-17 11:28 PM

iketool

 

I have been wondering for years what you can I do with the iketool. To me this looks like an ike.elg logfile parser similar to ikeview.

/opt/CPsuite-R80.40/fw1/bin/iketool
iketool.JPG

I have tried the following and only get the following message:
# iketool -f /opt/CPsuite-R80.40/fw1/log/ike.elg -v
Unrecognized file format

When I search for iketool in the KB I don't find anything!

PS:
An ike parser on the gateway would be a dream for me. Then you don't have to copy the files via winscp and analyze them with ikeview.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
2 Replies
Danny
Champion Champion
Champion
‎2020-09-17 11:55 PM

strings iketool shows:

##### END PACKET DEBUG #####
Check Point SecuRemote / SecureClient
NG with Application Intelligence R54
NG with Application Intelligence R55 or above
NG With Application Intelligence post-R55
Support for Microsoft NAT traversal
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Usage:
iketool -f file [OPTIONS]...
 -f file           the file to parse
 -b                shows a summary of the log (does not work with -s)
 -h                display this help and exit
 -i cookie 		filter by init cookie, unspaced
 -v                prints a more detailed output
 -p IP             filter by ip
 -s                start in stream mode

Version String=NGX
Interface Version=0
Company Name=Check Point Software Technologies LTD.
Legal Copyright=(c) 2005-2009 Copyright Check Point Software Technologies Ltd
Internal Name=iketool

So this looks like an ancient ike.elg viewer back from the NGX days.

However, opening ike.elg files in vi shows that they are already pretty much readable.
Some BASH magic to pretty format their content and VPN could be easily debugged at CLI.

In case you are signed up to Check Points TAC Academy Training next week on this topic you could also ask there about iketool.
Sep 23-24 2020 9:30 – 14:30 GMT+3 VPN Concepts and Troubleshooting
Timothy_Hall
Legend Legend
Legend
‎2022-01-28 06:54 AM

As a followup iketool seems to work for me on R80.40 vanilla at least with IKEv1 ike.elg files (see screenshot); I don't have a ikev2.xmll file handy to test with IKEv2 though.

iketool.png

Attend my Gateway Performance Optimization R81.20 course
CET (Europe) Timezone Course Scheduled for July 1-2
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    li.common.scroll-to.top