Hi David, Hi Rajeev,

I really appreciate your help. Thank you very much.

2012/1/11 turenne azevedo <[email protected]>

>
> Turenne Jr
> +55 11 6542.3699
>
> > Date: Tue, 27 Dec 2011 16:33:17 -0500
> > From: [email protected]
> > Subject: Re: [FW-1] Do you know to setting Opsec LEA_Server?
> > To: [email protected]
> >
> > Thanks, David.
> >
> > Hi Turenne,
> > Guess, there is not enough information but from what I can discern from
> > your post, here are some questions and pointers that may help you:
> > 1. Does the 'system/app' you call 'Syslog' (I understand you may be alluding
> > to a syslog server but not sure) have the OPSEC/LEA APIs
> > compiled/installed/configured? Without the OPSEC/LEA APIs, it will fail to
> > communicate with Checkpoint SmartCenter (what in your LEA client context
> > will be the LEA Server)
> > 2. Once the steps at '1' above have been taken, you are right in creating
> > an OPSEC Application for your LEA client (in your case what you call
> > 'Syslog') but you just need to check only the 'LEA' under 'Client Entities'
> > and nothing to be checked under 'Server Entities'. You can then
> > 'initialize' SIC from this LEA application which will show "Initialized but
> > trust not established".
> > 3. You will then go to Policy>Install Database and install that on your
> > SmartCenter
> > 4. You do not need to make any changes to 'fwopsec.conf' file. Since NG and
> > above, Checkpoint does not recommend making any changes to it unless you
> > want to change the default port. Even without making changes to
> > 'fwopsec.conf' file, you would see 'netstat -an | grep 18184' showing up as
> > 'listening'
> > 5. You will then need to establish trust from your LEA client application
> > (Syslog) and once it is successfully established, the OPSEC Application you
> > created in SmartDashboard for LEA client will reflect 'trust established'.
> > (This will ensure the connection from your LEA client to LEA server is
> > fully authenticated but if you do not want it (won't recommend it though),
> > the connection can be made transparent and you do not have to go through
> > 'SIC' trust establishment)
> > 6. The above steps will help you get going but the important step is number
> > 1 to ensure your Syslog app/system is 'Checkpoint Aware' having OPSEC/LEA
> > APIs installed.
> > Hope it helps.
> > Best,
> > Rajeev
> >
> > On Tue, Dec 27, 2011 at 3:08 PM, David DeSimone <[email protected]> wrote:
> >
> > > I don't have an answer for Sr. Azevedo's problem, but I was able to
> > > translate his emails by removing some extra Content-Type headers that
> > > were ruining the base64 encoding. Perhaps someone else can answer:
> > >
> > > turenne azevedo <[email protected]> wrote:
> > > >
> > > > Hello...Good morning everyone
> > > >
> > > > I'm having problems making a Syslog communicate with a
> > > > SmartCenter. After made settings in SmartDashboard Lea_Server
> > > > OPSEC (Manage> Servers and OPSEC Applications> New> OPSEC Application,
> > > > I created a name and a host node for Syslog, LEA checked the Entities
> > > > and Clients did SIC). I also made changes to the file fwopsec.conf
> > > > (lea_server auth_port lea_server AUTH_TYPE sslca and 18184). The
> > > > policy was applied and the SmartCenter initialized. I used the command
> > > > netstat -na | grep 18184 and I saw that the port was listening. Is this
> > > > missing a step? Any ideas for problem solving? Missing some setting?
> > > >
> > > > Thank you. A great day!
> > > >
> > > > Turenne Jr
> > > > +55 11 6542.3699
> > > >
> > >
> > > --
> > > David DeSimone == Network Admin == [email protected]
> > > "I don't like spinach, and I'm glad I don't, because if I
> > > liked it I'd eat it, and I just hate it."
> > >     -- Clarence Darrow
> > >
> > > Scanned by Check Point Total Security Gateway.
> > >
> > > =================================================
> > > To set vacation, Out-Of-Office, or away messages,
> > > send an email to [email protected]
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > > =================================================
> > > To unsubscribe from this mailing list,
> > > please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > > =================================================
> > > If you have any questions on how to change your
> > > subscription options, email
> > > [email protected]
> > > =================================================

--
Turenne Azevedo
cel. 11.6542-3699
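
The listener check discussed in the thread (`fwopsec.conf` plus `netstat -an | grep 18184`), written out as an added example that is not part of any message above. The function names and the sample inputs are constructed, and the directive meanings (`auth_port` is the SIC-authenticated listener, `port` the unauthenticated one, `0` disables a listener) are assumptions stated here rather than in the thread.

```python
import re

DEFAULT_AUTH_PORT = 18184  # default LEA port named in the thread

def parse_fwopsec(conf_text):
    """Effective lea_server settings; commented-out lines leave the defaults."""
    # Assumption: auth_port = authenticated listener, port = unauthenticated
    # listener, and a value of 0 means that listener is disabled.
    cfg = {"auth_port": DEFAULT_AUTH_PORT, "port": 0, "auth_type": None}
    for raw in conf_text.splitlines():
        words = raw.split("#", 1)[0].split()
        if len(words) == 3 and words[0] == "lea_server" and words[1].lower() in cfg:
            key = words[1].lower()
            cfg[key] = words[2] if key == "auth_type" else int(words[2])
    return cfg

def listening_ports(netstat_text):
    """TCP ports in LISTEN state, taken from `netstat -an` output."""
    ports = set()
    for line in netstat_text.splitlines():
        if "LISTEN" not in line:
            continue
        for token in line.split():
            m = re.search(r"[:.](\d+)$", token)
            if m:
                ports.add(int(m.group(1)))
                break  # first address-like token is the local address
    return ports

def audit_lea(conf_text, netstat_text):
    cfg, ports = parse_fwopsec(conf_text), listening_ports(netstat_text)
    findings = []
    if cfg["port"]:
        findings.append(f"unauthenticated LEA enabled on port {cfg['port']}")
    if not cfg["auth_port"]:
        findings.append("authenticated LEA port disabled")
    elif cfg["auth_port"] not in ports:
        findings.append(f"nothing listening on auth port {cfg['auth_port']}")
    return findings

# Constructed samples, not taken from the thread.
DEFAULT_CONF = "# lea_server auth_port 18184\n# lea_server port 0\n"
CLEAR_CONF = "lea_server auth_port 0\nlea_server port 18184\n"
NETSTAT = ("tcp   0   0 0.0.0.0:18184   0.0.0.0:*   LISTEN\n"
           "tcp   0   0 0.0.0.0:18190   0.0.0.0:*   LISTEN\n")

if __name__ == "__main__":
    for conf in (DEFAULT_CONF, CLEAR_CONF):
        print(audit_lea(conf, NETSTAT))
```

An empty result means the authenticated listener is configured and bound; a listening port alone does not show that SIC trust has been established with the LEA client.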
