This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
HeikoAnkenbrand
Champion Champion
Champion
‎2022-03-15 04:16 PM

CloudGuard VMSS instance and logging (on premise SMS)

I have a question about logging for CloudGuard VMSS instances and logging.

My management server is on a on premise network and all check point ports are forwarded via static NAT from the internet gateway to the SMS. Unfortunately, I do not receive any log information from the Cloudguard VMSS instance on port 257. There is no traffic on the VMSS gateway or on the on premise internet gateway visible.

tcpdump -i eth0 -nn port     --> does not display any packet

I had also tried to implement the following sk102712:
$FWDIR/conf/masters file on Security Gateway is overwritten during each policy installation - proced...

Therefore my question:

Does CloudGuard VMSS instances also use port 257?
Or Azure CME mechanissmen are used here to upload loggging informations?

Design:

[Azure VMSS instance]    -->    [Internet]    -->    [on premise FW gateway with static NAT rule]    -->   [SMS]

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
(2)
Who rated this post