Solved

Looking for way to export NAT Table from Checkpoint R65 from the CLI

Posted on 2013-05-29
3
2,138 Views
Last Modified: 2013-05-31
Hi Team,
   We are using Checkpoint R65 extensively in our environment.  We want a way to be able to run a script that logs in to individual gateways/CMAs and export the NAT tables in csv format.  Is there a common (or even hidden) command to do this from the command line?

Thanks very much.
0
Comment
Question by:rleyba828
3 Comments
 
LVL 36

Assisted Solution

by:ArneLovius
ArneLovius earned 250 total points
ID: 39206364
I don;t believe that rancid, my usual tool of choice for storing configs is capable of working with Checkpoint devices unless they are configured to save their config out as a text file.

you might take a look at a commercial product http://www.algosec.com/en/products/firewall_analyzer
0
 
LVL 61

Accepted Solution

by:
btan earned 250 total points
ID: 39206787
Looks like it will have to do with the 'fwx_alloc' table then...

there are some related link on some script but yet to see if fitting - probably to fw tab -t fwx_alloc with other option and grep the necessary field as txt and parse as csv...
 
http://nvkirank.blogspot.sg/2013/03/v-behaviorurldefaultvmlo.html#!/2013/03/v-behaviorurldefaultvmlo.html
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk32224&js_peid=P-114a7ba5fd7-10001&partition=General&product=Security
0
 

Author Comment

by:rleyba828
ID: 39212305
Hi Team,   looked at both solutions above and first, we are constrained from buying additional 3rd party products and then for 'fwx_alloc above, I played and researched every possible variation of the command and it doesn't show anything about NAT, looks like its really a limitation of checkpoint.

thanks for all your help.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Read about achieving the basic levels of HRIS security in the workplace.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now