All the events which are sent to the DLP server is having client IP as the checkpoint IP only.
We have integrated DR Checkpoint firewall with DLP. Traffic is passing to the DLP server from the Firewall. Yet all the events that are collected at the DLP server is having the Firewall IP as its client IP. Due to this we are unable to get the actual client IP for those events.
Kindly confirm whether any settings can be changed from the checkpoint firewall by which the DLP events will show the actual Client machines IP.