Hi,
       Finally able to figure out the fw1-loggrabber configuration! It's
working right now! Anyway, any alternative open source software that could
generate reports from the logs generated by fw1-loggrabber?

Regards,
           Alex


----- Original Message -----
From: "Alexander Simbun" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, January 12, 2005 7:20 AM
Subject: Re: [FW-1] Getting logs in ascii format using loggrabber


Hi,
       Sorry, still confused... On which part of the firewall should I
configure the fwopsec.conf? Management server or the enforcement (firewall)
itself?
I configured the fwopsec.conf at the management server instead of the
enforcement (firewall) server. Sorry for a lame question.

Regards,
           Alex


----- Original Message -----
From: "Xiaodong Lin" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, January 12, 2005 3:16 AM
Subject: Re: [FW-1] Getting logs in ascii format using loggrabber


Alex,

For the sake of simplicity, I give a clear text communication mode. In
this case, you have to modify the LEA section as follows:

# The VPN-1/FireWall-1 default settings are:
#
#  sam_server  auth_port   18183
#  sam_server       port       0
#
lea_server  auth_port   0
lea_server       port       18184
#
#  ela_server  auth_port   18187
#  ela_server       port       0
#
#  cpmi_server auth_port   18190
#
#  uaa_server  auth_port   19191
#  uaa_server       port       0
#

Also, you have to restart your fw daemon as for the new conf.

For the lea.conf, you have to mention ip and port for the lea server
service, and the following is an example for the clear text mode:

lea_server      ip              192.168.0.1
lea_server      port       18184

Where 18184 is the default lea service port.

If this still doesn't work, you may have to turn on the debug, and send
me the output, and I will take a look at it. For howto of turning on the
debug, you may go to project website and take a look at my post in FAQ
of fw1-loggrabber.

You may install fw1-loggrabber at the same management server. What is
the platform of CK management server?

Regards,

Xiaodong
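
Added example, not part of the original thread or of fw1-loggrabber: a small Python check that the `lea_server port` set in fwopsec.conf matches the one in lea.conf, and that reports when the clear-text mode described above is in use. The sample file contents are constructed from the settings quoted in the message, and the finding codes are hypothetical names.

```python
# Constructed samples mirroring the clear-text settings quoted in the thread.
FWOPSEC_CONF = """\
#  sam_server  auth_port   18183
lea_server  auth_port   0
lea_server       port       18184
"""
LEA_CONF = """\
lea_server      ip              192.168.0.1
lea_server      port       18184
"""


def parse_opsec(text):
    """Return {(service, key): value} for uncommented 'service key value' lines."""
    settings = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(parts) == 3:
            settings[(parts[0], parts[1])] = parts[2]
    return settings


def check_lea(fwopsec_text, lea_text):
    """Compare server-side and client-side LEA settings; return (code, message) findings."""
    srv, cli = parse_opsec(fwopsec_text), parse_opsec(lea_text)
    srv_port = srv.get(("lea_server", "port"))
    cli_port = cli.get(("lea_server", "port"))
    findings = []
    if srv_port in (None, "0"):
        findings.append(("SERVER_NO_CLEARTEXT_PORT",
                         "fwopsec.conf does not open a clear-text LEA port"))
    else:
        findings.append(("CLEARTEXT",
                         f"LEA is served in clear text on port {srv_port}; "
                         "limit which hosts can reach it"))
    if cli_port != srv_port:
        findings.append(("PORT_MISMATCH",
                         f"lea.conf port {cli_port} != fwopsec.conf port {srv_port}"))
    if ("lea_server", "ip") not in cli:
        findings.append(("NO_IP", "lea.conf has no 'lea_server ip' line"))
    return findings


if __name__ == "__main__":
    for code, message in check_lea(FWOPSEC_CONF, LEA_CONF):
        print(f"{code}: {message}")
```
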



-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of
Alexander Simbun
Sent: Tuesday, January 11, 2005 11:15 AM
To: [email protected]
Subject: Re: [FW-1] Getting logs in ascii format using loggrabber

Hi,
       I had configured the fw1-loggrabber 1.11 on my management server
plus the OPSEC configuration, but I still can't get the output result.
Anyway, my question is which part that I should configure the
fwopsec.conf at? Management server or enforcement module? My firewall
configuration is in cluster HA/LoadBalance mode, so I'm not sure how to
configure OPSEC for fw1-loggrabber module. Is it able to install
fw1-loggrabber at the same management server?

Thanks very much.

Regards,
           Alex



----- Original Message -----
From: "Xiaodong Lin" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, January 11, 2005 9:55 PM
Subject: Re: [FW-1] Getting logs in ascii format using loggrabber


Alex,

Besides the configuration of CP FW-1, you have to configure two conf
files of fw1-loggrabber, i.e. fw1-loggrabber.conf and lea.conf, if you
use the latest fw1-loggrabber release, fw1-loggrabber 1.11. For the
detail of howto, you could take a look at fw1-loggrabber.html inside
the release. This should give you a good start.

Regards,

Xiaodong

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of
Alexander Simbun
Sent: Monday, January 10, 2005 11:18 PM
To: [email protected]
Subject: [FW-1] Getting logs in ascii format using loggrabber

Dear all,
           Has anyone here used, or is anyone currently using,
FW1-Loggrabber for getting the FW-1 logs into ASCII format? I'm
interested in using FW1-Loggrabber to convert our existing FW1 log
files (in binary format) into human-readable logs for our analysis. Is
there any sample or example that I could refer to on how to set up this
open source software, including how to extract the logs? Please guide
me. Thanks very much.

Regards, Alex

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
[EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email [EMAIL PROTECTED]
=================================================
