The actual capturing of traffic cannot be done in the web-GUI, so head into CLI and go to Expert-mode. add user scpAccount uid 666 homedir /home/scpAccount set user scpAccount realname Scpaccount add rba user scpAccount roles scpRole set user scpAccount password save config Capture some traffic using TCPdump Log into your firewall using SSH and run these commands to create a new user account and assign it to the SCP Role. ![]() You only need to add the Feature called Expert Mode with Read/Write permissions and then click on OK. Log into your firewall’s web-GUI and navigate to User Management > Roles > click on Add and set up the new Role as the image below shows. Create a new Role for SCP-users (Web-GUI / CLI) Gaia Web-GUI If you have a redundant setup using clustered firewalls, make sure you are doing these steps on the firewall that is currently active, as this is where we will want the user to exist since we will be capturing traffic on this firewall. Security Gateway Configurationįor the configuration of the actual firewalls, you can use either CLI or the web-GUI, instructions for both ways will follow down below. You can download it from their website (link). ![]() I usually use WinSCP because I’m mainly a Windows user, the software is free and easy to set up. To access the SCP-server of your Check Point firewall, you will need an SCP client. ![]() The cluster is also connected to the internet and has basic rules set up to allow the lab-PC to access the internet, as well. The lab environment consists of a Windows 10 PC (which will be both the source of traffic capture and act as SCP-client to extract the packet capture files from the firewall) on the internal network, and a pair of Check Point Security Gateways (firewalls) working together as a cluster with SG1 being the currently active firewall.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |