How to manage Check Point firewall logging in TIBCO LogLogic LMI when Check Point Provider 1 firewall modules have overlapping IP addresses

How to manage Check Point firewall logging in TIBCO LogLogic LMI when Check Point Provider 1 firewall modules have overlapping IP addresses

book

Article ID: KB0077190

calendar_today

Updated On:

Products Versions
TIBCO LogLogic Log Management Intelligence all versions

Description

If there are overlapping IP addresses on Check Point Provider 1 firewall modules then this will prevent the CPMI data from being automatically pulled in. The method for resolving this is to manually configure the interfaces in LMI.

Issue/Introduction

This article explains how to configure LogLogic LMI to best manage when Check Point Provider 1 firewall modules have overlapping IP addresses.

Resolution

1. Go to Management->Check Point Configuration.
2. Edit a LEA server configuration and scroll down to the CPMI section.
3. Select the manual input radio button.
4. Then go to the Firewall tab and name each of the firewall modules and ensure they are enabled.
5. Select the Interfaces tab and configure the interface that is connected to the CMA, (you can view this information via the Provider 1 GUI). This will pull in all the information.
6. Ensure that you enable the Interface and select Trusted or Untrusted depending on the specific interface.

Powered by Wolken Software