This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Nandhakumar
Participant
‎2021-12-19 04:13 AM

Identity Collector issue

Hi,

We have configured 2 IDC for our identity awareness gateway cluster (Version R81.10). We have noticed only it showing one idc session when ran "pdp connections idc".

I checked from non reported IDC, i am able to do telnet from IDC to security gateway IP address on port 443. Tested connection from idc to gateway, all looks good.

When ran tcpdump getting continuous logs for one of the idc on port 443 but not the same with other one. Not sure what would be the issue, Can you some insight on this would be appreciated. 

 

0 Kudos
2 Replies
the_rock
Champion
Champion
‎2021-12-19 05:19 AM

Can you run fw monitor to the non working one and then compare the output with working one? That would give us some insight...also, maybe confirm the routing is valid with ip r g x.x.x.x (ip address) command.

0 Kudos
Nandhakumar
Participant
‎2021-12-20 07:56 PM
In response to the_rock

Routing is in place and both IDC's are in same Vlan. I am able see to connections are established with connected IDC but not the other one when ran netstat command. 

Also our identity gateway is cluster, so ideally communication from IDC to Identity gateway happens with port 443 but what I have observed in netstat it showing connection established with node IP and that too with port 5908 port.

Does any internal NAT happening here? Also does port 5908 is known port for Checkpoint IDC and identity gateway communication?

 

0 Kudos