Looking for way to export NAT Table from Checkpoint R65 from the CLI

Hi Team,
   We are using Checkpoint R65 extensively in our environment.  We want a way to be able to run a script that logs in to individual gateways/CMAs and export the NAT tables in csv format.  Is there a common (or even hidden) command to do this from the command line?

Thanks very much.
rleyba828Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ArneLoviusCommented:
I don;t believe that rancid, my usual tool of choice for storing configs is capable of working with Checkpoint devices unless they are configured to save their config out as a text file.

you might take a look at a commercial product http://www.algosec.com/en/products/firewall_analyzer
0
btanExec ConsultantCommented:
Looks like it will have to do with the 'fwx_alloc' table then...

there are some related link on some script but yet to see if fitting - probably to fw tab -t fwx_alloc with other option and grep the necessary field as txt and parse as csv...
 
http://nvkirank.blogspot.sg/2013/03/v-behaviorurldefaultvmlo.html#!/2013/03/v-behaviorurldefaultvmlo.html
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk32224&js_peid=P-114a7ba5fd7-10001&partition=General&product=Security
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rleyba828Author Commented:
Hi Team,   looked at both solutions above and first, we are constrained from buying additional 3rd party products and then for 'fwx_alloc above, I played and researched every possible variation of the command and it doesn't show anything about NAT, looks like its really a limitation of checkpoint.

thanks for all your help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.