Showing posts from February, 2017

Complete VPN Series Videos

Welcome to VPN Series:

Lecture 1: About VPN and Component used to create a successful VPN.

Lecture 2:Contain: IPSec VPN, AH, ESP, SA, Symmetric encryption, Asymmetric encryption, Pre-Shared Key, Digital Signature.

Lecture 3:Contain: VPN Phase 1 & Phase 2, Diffie Hellman Key, VPN Main Mode, VPN Aggressive Mode

Lecture 3: Contain: About VPN, VPN Domain, Virtual Tunnel Interface, Route Based VPN, Domain Based VPN, Site to Site VPN, Remote Access VPN

How to Enable TCP Options in Checkpoint Firewall.

Process Document of Enable TCP Options on Checkpoint Firewall.

Issue: Checkpoint Security Gateway Will drop TCP/UDP packet with IP options. In certain environments, traffic going through checkpoint security gateways may contain IP options. It may be necessary to allow these packets to pass.
In order to allow packets with IP options to pass through security gateway, the configuration on the security management server has to be changed manually.

Action Plan:-
1.    Open the table.def file in Checkpoint Management server and the configuration on the security management server has to be changed manually in the relevant “ table.def “ file.
Path:- C:\Windows\FW1\R77\fw1\lib  -> table.def file
2.    Extract the protocol number and IP options number of the dropped packets. To allow an IP option for all protocols, the IP option number of the dropped packet has to be added inside the brackets in Decimal format.

allowed_ip_options = { <148> };
allowed_ip_options = { <148>…

How to Check CPU utilization in Checkpoint Firewall.

To check CPU utilization in checkpoint firewall. You have several option, either you can check it via GUI client Smart View Monitor or CLI.

To check it from CLI run below command-

1. top