Sya Sent from my iPhone
On Jan 11, 2012, at 6:30, "Turenne" <[email protected]> wrote:

> Hi David, Hi Rajeev
>
> I really appreciate your help. Thank you very much.
>
> 2012/1/11 turenne azevedo <[email protected]>
>>
>> Turenne Jr
>> +55 11 6542.3699
>>
>>> Date: Tue, 27 Dec 2011 16:33:17 -0500
>>> From: [email protected]
>>> Subject: Re: [FW-1] Do you know to setting Opsec LEA_Server?
>>> To: [email protected]
>>>
>>> Thanks, David.
>>>
>>> Hi Turenne,
>>> Guess, there is not enough information but from what I can discern from
>>> your post, here are some questions and pointers that may help you:
>>> 1. Does the 'system/app' you call 'Syslog' (I understand you may be alluding
>>> to a syslog server but not sure) have OPSEC/LEA APIs
>>> compiled/installed/configured? Without OPSEC/LEA APIs, it will fail to
>>> communicate with Checkpoint SmartCenter (what in your LEA client context
>>> will be the LEA Server)
>>> 2. Once the steps at '1' above have been taken, you are right in creating
>>> an OPSEC Application for your LEA client (in your case what you call
>>> 'Syslog') but you just need to check only the 'LEA' under 'Client Entities'
>>> and nothing to be checked under 'Server Entities'. You can then
>>> 'initialize' SIC from this LEA application which will show "Initialized but
>>> trust not established".
>>> 3. You will then go to Policy>Install Database and install that on your
>>> SmartCenter
>>> 4. You do not need to make any changes to 'fwopsec.conf' file. Since NG and
>>> above, Checkpoint does not recommend making any changes to it unless you
>>> want to change the default port. Even without making changes to
>>> 'fwopsec.conf' file, you would see 'netstat -an | grep 18184' showing up as
>>> 'listening'
>>> 5. You will then need to establish trust from your LEA client application
>>> (Syslog) and once it is successfully established, the OPSEC Application you
>>> created in SmartDashboard for LEA client will reflect 'trust established'.
>>> (This will ensure the connection from your LEA client to LEA server is
>>> fully authenticated but if you do not want it (won't recommend it though),
>>> the connection can be made transparent and you do not have to go through
>>> 'SIC' trust establishment)
>>> 6. The above steps will help you get going but the important step is number
>>> 1 to ensure your Syslog app/system is 'Checkpoint Aware' having OPSEC/LEA
>>> APIs installed.
>>> Hope it helps.
>>> Best,
>>> Rajeev
>>>
>>>
>>> On Tue, Dec 27, 2011 at 3:08 PM, David DeSimone <[email protected]> wrote:
>>>
>>>> I don't have an answer for Sr. Azevedo's problem, but I was able to
>>>> translate his emails by removing some extra Content-Type headers that
>>>> were ruining the base64 encoding. Perhaps someone else can answer:
>>>>
>>>> turenne azevedo <[email protected]> wrote:
>>>>>
>>>>> Hello...Good morning everyone
>>>>>
>>>>> I'm having problems making a Syslog communicate with a
>>>>> SmartCenter. After making settings in SmartDashboard Lea_Server
>>>>> OPSEC (Manage> Servers and OPSEC Applications> New> OPSEC Application,
>>>>> I created a name and a host node for Syslog, LEA checked the Entities
>>>>> and Clients did SIC). I also made changes to the file fwopsec.conf
>>>>> (lea_server auth_port lea_server AUTH_TYPE sslca and 18184). The
>>>>> policy was applied and the SmartCenter initialized. I used the command
>>>>> netstat -na | grep 18184 and I saw that the port was listening. Is this
>>>>> missing a step? Any ideas for problem solving? Missing some setting?
>>>>>
>>>>> Thank you. A great day!
>>>>>
>>>>> Turenne Jr
>>>>> +55 11 6542.3699
>>>>>
>>>>
>>>> --
>>>> David DeSimone == Network Admin == [email protected]
>>>>   "I don't like spinach, and I'm glad I don't, because if I
>>>>    liked it I'd eat it, and I just hate it."
>>>>                 -- Clarence Darrow
>>>>
>>>> This email message is intended for the use of the person to whom it has
>>>> been sent, and may contain information that is confidential or legally
>>>> protected. If you are not the intended recipient or have received this
>>>> message in error, you are not authorized to copy, distribute, or otherwise
>>>> use this message or its attachments. Please notify the sender immediately
>>>> by return e-mail and permanently delete this message and any attachments.
>>>> Verio, Inc. makes no warranty that this email is error or virus free.
>>>> Thank you.
>>>>
>>>> Scanned by Check Point Total Security Gateway.
>>>>
>>>> =================================================
>>>> To set vacation, Out-Of-Office, or away messages,
>>>> send an email to [email protected]
>>>> in the BODY of the email add:
>>>> set fw-1-mailinglist nomail
>>>> =================================================
>>>> To unsubscribe from this mailing list,
>>>> please see the instructions at
>>>> http://www.checkpoint.com/services/mailing.html
>>>> =================================================
>>>> If you have any questions on how to change your
>>>> subscription options, email
>>>> [email protected]
>>>> =================================================
>
> --
> Turenne Azevedo
> cel. 11.6542-3699
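
Added example, not part of the thread or of Check Point's tooling: Rajeev's points 4 and 5 separate the authenticated LEA listener on 18184 from an unauthenticated ("transparent") one, and this script reports which of the two the `lea_server` lines in a fwopsec.conf-style file select. The `port` key, the use of 0 to turn a listener off, and the sample files are assumptions that the thread does not state.

```shell
#!/bin/sh
# Added example: report which LEA listener mode a fwopsec.conf-style file selects.

lea_mode() {
    # $1 = path to the file. Prints one of:
    #   default                      no lea_server port lines (built-in defaults apply)
    #   authenticated:PORT:AUTHTYPE  auth_port is non-zero
    #   cleartext:PORT               only the unauthenticated port is non-zero
    #   disabled                     both ports are 0
    awk '
        /^[ \t]*#/ { next }                    # ignore commented-out lines
        tolower($1) == "lea_server" {
            key = tolower($2)                  # keys are matched case-insensitively
            if (key == "auth_port")      auth_port = $3
            else if (key == "port")      port = $3
            else if (key == "auth_type") auth_type = tolower($3)
        }
        END {
            if (auth_port == "" && port == "") { print "default"; exit }
            if (auth_port + 0 > 0) {
                print "authenticated:" auth_port ":" (auth_type == "" ? "unset" : auth_type)
                exit
            }
            if (port + 0 > 0) { print "cleartext:" port; exit }
            print "disabled"
        }
    ' "$1"
}

# Constructed sample files (not taken from a real SmartCenter).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT

# Settings as the original poster describes them: auth_port 18184 with sslca.
printf '%s\n' '# lea_server auth_port 0' \
    'lea_server auth_port 18184' \
    'lea_server AUTH_TYPE sslca' > "$demo_dir/auth.conf"
# Assumed form of the unauthenticated setup that Rajeev advises against.
printf '%s\n' 'lea_server auth_port 0' 'lea_server port 18184' > "$demo_dir/clear.conf"
# Untouched file, as recommended in point 4.
: > "$demo_dir/empty.conf"

for name in auth clear empty; do
    printf '%-6s %s\n' "$name" "$(lea_mode "$demo_dir/$name.conf")"
done
```

A `cleartext` result means the LEA client connects without SIC, so the log stream is neither authenticated nor bound to the OPSEC application object created in SmartDashboard.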
