Alex, For the sake of simplicity, I give a clear text communication mode. In this case, you have to modify the section of LEA as shown as follows:
# The VPN-1/FireWall-1 default settings are: # # sam_server auth_port 18183 # sam_server port 0 # lea_server auth_port 0 lea_server port 18184 # # ela_server auth_port 18187 # ela_server port 0 # # cpmi_server auth_port 18190 # # uaa_server auth_port 19191 # uaa_server port 0 # Also, you have to restart your fw daemon as for the new conf. For the lea.conf, you have to mention ip and port for the lea server service, and the following is an example for the clear text mode: lea_server ip 192.168.0.1 lea_server port 18184 Where 18184 is the default lea service port. If this still doesn't work, you may have to turn on the debug, and send me the output, and I will take a look at it. For howto of turning on the debug, you may go to project website and take a look at my post in FAQ of fw1-loggrabber. You may install fw1-loggrabber at the same management server. What is the platform of CK management server? Regards, Xiaodong -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Alexander Simbun Sent: Tuesday, January 11, 2005 11:15 AM To: [email protected] Subject: Re: [FW-1] Getting logs in ascii format using loggrabber Hi, I had configured the fw1-loggrabber 1.11 on my management server plus the OPSEC configuration, but I still can't get the output result. Anyway, my question is which part that I should configure the fwopsec.conf at? Management server or enforcement module? My firewall configuration is in cluster HA/LoadBalance mode, so I'm not sure how to configure OPSEC for fw1-loggrabber module. Is it able to install fw1-loggrabber at the same management server? Thanks very much. Regards, Alex ----- Original Message ----- From: "Xiaodong Lin" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, January 11, 2005 9:55 PM Subject: Re: [FW-1] Getting logs in ascii format using loggrabber > Alex, > > Besides the configuration of CP FW-1, you have to configure two conf > files of fw1-loggrabber, i.e. fw1-loggrabber.conf and lea.conf, if you > use the latest fw1-loggrabber release, fw1-loggrabber 1.11. For the > detail of howto, you could take a look at fw1-loggrabber.html inside > the release. This should give u a good start. > > Regards, > > Xiaodong > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf Of > Alexander Simbun > Sent: Monday, January 10, 2005 11:18 PM > To: [email protected] > Subject: [FW-1] Getting logs in ascii format using loggrabber > > Dear all, > Anyone here did or currently use FW1-Loggrabber for > getting the FW-1 logs in to ASCII format logs? I'm interested to use > FW1-Loggrabber in order to convert our existing FW1 logs file (in > binary > format) into human readable form of logs for our analysis. Any sample > or example that I could refer to on how to setup this open source > software including how to extract the logs? Please guide me. Thanks very much. > > Regards, > Alex > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an email to > [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription options, > email [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an email to > [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription options, > email [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
