This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
nflnetwork29
Advisor
‎2020-03-30 11:44 AM

show cdp

hello i'm trying to see where my checkpoint is connected (which physical port) 

the physical port is eth 2 on the checkpoint

is there a command similar to "show cdp" in checkpoint CLI ?

0 Kudos
7 Replies
Timothy_Hall
Legend Legend
Legend
‎2020-03-30 12:35 PM

 

Sort of.  From the third edition of my book:

Click to Expand

Determining the Layer 2 switching path is a little more difficult and may involve
tracing cables. If you are using Cisco switches in your network, from the firewall you
can sniff and decode Cisco Discovery Protocol (CDP) frames from the switch attached to
the firewall with this command:

tcpdump -vn -s 1500 -i (interface) 'ether[20:2] == 0x2000'

 

fig16.jpg
Figure 1-6: tcpdump Decode of CDP Traffic


From your testing workstation, you can do something similar in Wireshark. Start a
capture on your network interface and use the following filter:


eth.dst == 01:00:0c:cc:cc:cc

 

fig17.jpg
Figure 1-7: Wireshark Decode of CDP Traffic


The CDP traffic should tell you enough about the locally attached switch to identify
it. Keep in mind that there may be many other switches in the path between your testing
workstation and the firewall depending upon the architecture of your network; you need
to discover them all. If they are Cisco switches and you can obtain command-line access
to them, running the Cisco IOS command show cdp neighbors is helpful for
identifying adjacent switches.


Depending on the vendor (and version) of the networking devices used in your
environment, they may be using the IEEE 802.1AB Link Layer Discovery Protocol
(LLDP) instead of CDP. The Cisco command show lldp neighbors is helpful for
identifying adjacent switches; use this command to view and decode LLDP traffic:


tcpdump -vn -s 1500 -i (interface) ether proto 0x88cc

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
Vladimir
Champion
Champion
‎2020-03-30 12:41 PM
In response to Timothy_Hall

This looks like another great candidate for @HeikoAnkenbrand or @Danny to turn into oneliner 🙂

nflnetwork29
Advisor
‎2020-03-30 12:44 PM
In response to Timothy_Hall

really? that seems like its overly complicated lol
0 Kudos
_Val_
Admin
Admin
‎2020-03-31 12:03 AM
In response to nflnetwork29

Cisco Discover Protocol is not supported with Check Point. 

Maria_Pologova
Collaborator
‎2020-04-22 02:58 PM
In response to _Val_

There is self-written CDP deamon for Check Point. Works like a charm.

https://github.com/oribit/cdpd-cp

xsxso
Employee Alumnus
Employee Alumnus
‎2022-03-24 09:10 AM
In response to _Val_

What about LLDP?

 

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-03-24 04:14 PM
In response to xsxso

Only in R81 and above per sk117676, note the limitations about VSX. 

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events