[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Looking for way to export NAT Table from Checkpoint R65 from the CLI

Posted on 2013-05-29
3
Medium Priority
?
2,437 Views
Last Modified: 2013-05-31
Hi Team,
   We are using Checkpoint R65 extensively in our environment.  We want a way to be able to run a script that logs in to individual gateways/CMAs and export the NAT tables in csv format.  Is there a common (or even hidden) command to do this from the command line?

Thanks very much.
0
Comment
Question by:rleyba828
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 37

Assisted Solution

by:ArneLovius
ArneLovius earned 750 total points
ID: 39206364
I don;t believe that rancid, my usual tool of choice for storing configs is capable of working with Checkpoint devices unless they are configured to save their config out as a text file.

you might take a look at a commercial product http://www.algosec.com/en/products/firewall_analyzer
0
 
LVL 65

Accepted Solution

by:
btan earned 750 total points
ID: 39206787
Looks like it will have to do with the 'fwx_alloc' table then...

there are some related link on some script but yet to see if fitting - probably to fw tab -t fwx_alloc with other option and grep the necessary field as txt and parse as csv...
 
http://nvkirank.blogspot.sg/2013/03/v-behaviorurldefaultvmlo.html#!/2013/03/v-behaviorurldefaultvmlo.html
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk32224&js_peid=P-114a7ba5fd7-10001&partition=General&product=Security
0
 

Author Comment

by:rleyba828
ID: 39212305
Hi Team,   looked at both solutions above and first, we are constrained from buying additional 3rd party products and then for 'fwx_alloc above, I played and researched every possible variation of the command and it doesn't show anything about NAT, looks like its really a limitation of checkpoint.

thanks for all your help.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
How does someone stay on the right and legal side of the hacking world?
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question