Hi everyone,
I am about to perform Checkpoint Health Check for my customer. They want to get total traffic from their CoreSW, using span port.
This is my first time doing this so I'm building a lab environment (picture 01.png), and following this document (Configuring a Single Security Gateway in Monitor Mode (checkpoint.com)) to configure the monitor mode interface for span port from CoreSW.
But at procedure 6. Configure the required Access Control Policy for the Security Gateway in SmartConsole, I can't install policy for my Gateway (error: picture02.png). I think the problem when I configure eth1 in Network Topology, i follow procedure 3. (step 11. In the Leads To section, select Not defined (Internal)) (picture03.png), cause when I change eth1 Lead To -> This Network (Internal), then it was possible to install policy.
However, at procedure 7. using command <grep -A 3 -r fw_span_port_mode $FWDIR/state/local/*> i get (picture04.png):
:val (false) (should be *true)
I'm using only the Firewall Software Blade.
Can someone help me, please.
*Note:
I plan to perform Health Check:
Span Port CoreSW - Checkpoint 12400: Configure the Span port on CoreSW to point to the monitoring mode interface on Checkpoint 12400, then install the health check tool (Follow this sk: HealthCheck Point (HCP) Release Updates), and wait to get data for the report.