Checkpoint Gaia: Manual proxy arp

Gaia is an overlay of Linux, the file structure is Linux. To enter Linux environment you need to enter the expert mode.From the documentation you must create manual proxy arp if you are doing manual static NAT.You can add proxy arp in the following methods: 1. Use the Gaia portal. 2. Use the command line … Continue reading Checkpoint Gaia: Manual proxy arp

Advertisements

Tshoot: Unable to establish SIC between gateway and management

1. Check if both your management server and Checkpoint security gateway has the same time. 2. Check if there is duplicated IP address. I have made a silly mistake that my smart dashboard pc has the same IP address as the checkpoint security gateway.

Cisco ASA: Firewall rule testing before deployment

Introduction You want to segregate the network between users and servers network. Both the users and servers network is using the same subnet 192.168.20.0/24, to reduce the changes while implementing firewall and to test the firewall before it is deployed in between users and servers you have decided to do the following: 1. Use transparent … Continue reading Cisco ASA: Firewall rule testing before deployment

CSM: Integrating CSM with ACS version 4.2

Summarized Steps On ACS: 1. Create an ACS server administrator account with full ACS privileges. This admin credential is required for CSM AAA Mode Setup. 2. Enable Network Device Group. 3. Rename User groups. 4. Create users and associate the users to appropriate groups. 5. Create system identity user and group this user. This same … Continue reading CSM: Integrating CSM with ACS version 4.2

CSM: Authentication by TACACS+ and Authorization by CSM

When you want CSM users to be authenticated by Cisco ACS but want the authorization by CSM. Since CSM version 4.3, it has a feature of role management setup, this setup controls user rights. Login to the web portal Select Server Administration CSM home screen The default authentication mode is CiscoWorks Local. CSM supports several … Continue reading CSM: Authentication by TACACS+ and Authorization by CSM

CSM (disable ticket): Configuring logging to new device

Ticket management By default Cisco Security Manager enables ticket, however I have disabled the ticket management. The purpose of ticket is before any changes is made with CSM you need to create a ticket, then proceed to do the changes, after changes is made and saved, you need to submit the ticket. If workflow is … Continue reading CSM (disable ticket): Configuring logging to new device