Posts

Showing posts from January, 2017

How to Reset SIC ( Secure Internal Communication) in Checkpoint Firewall

Image
1. Login to checkpoint CLI. And go to clish mode.

2. Type Command " CPCONFIG"



              3. Now select option (5) Secure Internal Communication from given choice.  4. Now it will ask you to really reset the sic. You need to type "Yes" 5. Now it will ask to enter the sic key. Type any key i.g admin@123                            6. Now it will automatically stop and start your all checkpoint daemon. And you will have a new SIC key. 



Xiaomi Mi Max Prime (Gold, 128GB)

CHECKPOINT BASIC TROUBLESHOOTING COMMANDS

CHECKPOINT BASIC TROUBLESHOOTING COMMAND


1. cpwd_admin list : To check all service of the checkpoint are running or not.
    If any service will not run then its STAT will show T. If service will work fine then its stat show E.

2. fw stat:  It will show current policy name and detail which is applied to your gateway.

3. getifs: It will show all  interfaces detail  with ip addresses.

4. cpstat os –f ifconfig:  It will show all ip address with MAC address in a straight table which can help to     understand in better way.

5. cpconfig: It is very useful to make changes in checkpoint firewall. It is used to reset sic, enable or disable checkpoint cluser, secure xl, core xl etc.

6.Cp_conf sic stat:  It will show SIC ( Secure Internal Communication) current stat.

7. cplic print: To check license status.

8. fw ctl pstat: About tcp/udp connections.

9. cphaprob stat: It will show cluster status.

10. cphaprob –a if: It will show all require a virtual interface for cluster and its detail.

11. cphaprob –I i…

Can not complete the backup process: not enough space in /var/log/CPbackup/backups

Are You 127.0.0.1?


Checkpoint Firewall Troubleshooting:

Error:
 Local Backup has failed.
 Can not complete the backup process: not enough space in /var/log/CPbackup/backups.
 Backup Operation failed.

Solution:

To Download Complete Troubleshooting  steps with pictorial representation in pdf  click on below link:

https://drive.google.com/open?id=0BzsZQR5UHyuGSHJ3ZlZwZm1FTEU

Step1: Have you try to take backup after delete old backup files?
  Still facing same error.  Go to next step

 Step 2: Login to CLI and go to expert mode.  Check how many backup file are there. As I see I have two  backup file in cd/var/log/CPbackup/backups directory and with the help of command df-kh, my disk space  is showing full in /var/log directory.
 How it is possible even I have only two backup file?

 “Some time my gateway not able to push gateway logs to the management server due to less  space in  management server. So it store all log files on itself in directory /var/log/opt/CPsuit-  R77/fw1/log so we have  t…

Network Security Question in Checkpoint Firewall IPSec VPN and Encryption Method

Image
Network Security Question in Checkpoint Firewall

Lecture 2 IPSec VPN and Encryption Method:
1. What is Authenticity, Confidentiality and Integrity? 

Authenticity: Verifies that the packet received is actually from the claimed sender. It verifies the authenticity of sender. Pre-shared Key, Digital Certificate are some methods that can be used for authentication. 

Confidentiality:Encrypts the message content through encryption so that data is not disclosed to unauthorized parties. Encryption algorithms include 

DES (Data Encryption Standard), 3DES (Triple-DES), AES (Advanced Encryption Standard)

Integrity: Ensure that the contents of the packet have not been altered in between by man-in-middle. Hash algorithm includes MD5, SHA.


2. What is Symmetric and Asymmetric Encryption?

Symmetric Encryption:  In symmetric encryption, a single key is used both to encrypt and decrypt traffic. It is also referred as shared key of shared secret encryption. Symmetric encryption algorithms include DES, 3DES, AE…