We have a Provider-1 running R80.10 and currently it does everything, policy , logs etc..
However we receive logs to a public IP which is not hosted on any Check Point device, so we have to use the masters file (and GuiDBedit) to achieve the logging.
I have now configured a MD Log server to migrate the logs to, to share the load.
When I change the Log section in masters file to the new log server IP (and push policy), i'm not receiving logs at all ( there is still a connection on port 257 to the cma from the gateway - not the log server), and cert based VPNs stop working.
If i change the IP back to the public IP of the CMA, it works fine again after a policy push, but all logging to the one box.
Is the 'Log' section also used for CRL retrieval ? I would have expected this to be the 'policy' section.
Also is there a way of configuring this to work correctly in the environment we have ?
Has anyone else come across this ?