CHECKPOINT DUMP‎ > ‎

Checkpoint commands cheat sheet

posted 17 Mar 2016, 12:20 by DR Labs   [ updated 10 Apr 2016, 00:00 ]
Checkpoint VSX

Find using dashboard which physical D8 the virtual is sitting on.
Here is some basic syntax to run a tcpdump on a  D8 VSX  firewall.
ssh to the  active VSX Gateway .
Make sure you are in expert mode
Type expert to be gain that mode.
Run this command
vsx stat  -v
vsx stat  -l
identify your virtual firewall number  (e.g. Client 2) then type this
vsx set  x ##Where x is your Virtual firewall number listed in the left column

run this command
route
identify the ingress and egress interfaces   by looking at the routing table.
Then run two tcpdumps
Ingress interface

tcdpump  -I  <interface_name>  host <IP_address_of_the_Machine_your_are_interested_in> -nn and host <IP_address_of_the_Machine_your_are_interested_in>
egress interface
tcdpump  -I  <interface_name>  host <IP_address_of_the_Machine_your_are_interested_in>

Ċ
Donald Ross,
16 Sep 2016, 01:30
Ċ
Donald Ross,
16 Sep 2016, 01:29
Ċ
Donald Ross,
16 Sep 2016, 01:30
Comments