  1. Create a UTM-1 Edge Gateway Device
    a. Configure the name
    b. Click the “Edit Registration Key” button and generate a random key (it will not be used again, so there is no need to save it)
    c. Make sure that “Externally Managed Gateway” is checked. If it is not, the device will count against the management server’s licensed devices
  2. Configure the topology and encryption domain of the device
  3. Select “IPSec VPN”
  4. Click “Add” under the “Repository of Certificates Available to the Gateway”
    a. Provide a Nickname for the certificate
    b. Leave the “CA to enroll from” the default (if using the Management server’s Certificate Authority)
    c. Choose the “Generate” option
    d. Leave all the defaults for the DN and choose “Ok” to generate the certificate
  5. You should now see a certificate in the Repository of the Gateway
  6. Select “View” to view the certificate and copy the “Subject” (DN) of the certificate:
  7. Click “Ok”
  8. Choose the “Matching Criteria” button
    a. Select “internal_ca” from the CA drop-down (unless using another Certificate Authority)
    b. Check the “DN” option and paste the DN copied in step 6
    c. Click “Ok”
  9. Select “Ok” to save the object
  10. Reopen the gateway object and go back to “IPSec VPN”
  11. Select “Export p12” and choose a password for the certificate (remember this password as it will need to be provided to the remote side)
  12. Send the password and the p12 file to the remote side for them to import
  13. Continue configuring the rest of the VPN as you would any other VPN (leaving out the PSK)
  14. Push the policy

Notes:

  • This is best used for dynamic IP devices such as Safe@Office devices
  • These steps assume the Management Server is not also managing the remote dynamic IP gateways although the steps are not much different
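As an added illustration (not from the original post, and not Check Point's own tooling), the same certificate steps done with OpenSSL at the command line: an internal CA issues the gateway certificate, the Subject DN is read in the form you would paste into the DN matching criterion, the certificate and key are exported to a password-protected p12, and the remote side imports it with the shared password and checks that the DN matches what was sent. All DNs, file names and the password are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): reproduce with OpenSSL the
# certificate steps done in SmartDashboard above. Every DN, file name and
# password here is a constructed placeholder.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
GW_DN="/O=example-corp/CN=branch-gw"   # hypothetical gateway DN
P12_PASS="constructed-p12-password"     # hypothetical export password

# Step 4 analogue: an "internal_ca" that signs the gateway certificate.
make_internal_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
        -subj "/O=example-corp/CN=internal_ca" \
        -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}

# Step 4c/4d analogue: generate the gateway key and a CA-signed certificate.
issue_gateway_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "$GW_DN" \
        -keyout "$WORK/gw.key" -out "$WORK/gw.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/gw.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
        -CAcreateserial -days 365 -out "$WORK/gw.crt" 2>/dev/null
}

# Step 6 analogue: read the Subject DN in RFC 2253 form, which is the string
# the peer enters under "Matching Criteria" -> "DN".
subject_dn() {
    openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//'
}

# Step 11 analogue: export key + certificate + CA chain as a password-protected p12.
export_p12() {
    openssl pkcs12 -export -in "$WORK/gw.crt" -inkey "$WORK/gw.key" \
        -certfile "$WORK/ca.crt" -name "branch-gw" \
        -passout "pass:$P12_PASS" -out "$WORK/branch-gw.p12"
}

# Remote side: import with the shared password, pull out the certificate and
# confirm its DN is exactly the one the sender communicated (step 8b).
remote_dn_matches() {
    expected="$1"
    openssl pkcs12 -in "$WORK/branch-gw.p12" -passin "pass:$P12_PASS" \
        -nokeys -clcerts -out "$WORK/imported.crt" 2>/dev/null
    [ "$(subject_dn "$WORK/imported.crt")" = "$expected" ]
}

make_internal_ca
issue_gateway_cert
EXPECTED_DN=$(subject_dn "$WORK/gw.crt")
export_p12
remote_dn_matches "$EXPECTED_DN" && echo "DN matches: $EXPECTED_DN"
```

The DN comparison is an exact string match on the RFC 2253 form, which is why step 6 says to copy the Subject rather than retype it: a differently ordered or differently spelled DN will not match the criterion and the tunnel will fail authentication.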

[ # ]

Hello all,

You may have noticed changes to the URLs and the site in general. We are working on moving Packetbin from a custom built CMS to Drupal. There are a few reasons for this:

  1. Comments are now a possibility. Comments may have worked on the old version but would have taken a bit too much time to implement compared to moving to a proper CMS engine.
  2. Easier user management
  3. Added functionality for submitters

There are many other features that make the move a good idea but the above 3 were some of the large reasons for this move. Please excuse any issues you may notice with the site or theme. If you have some suggestions, thoughts, or notice any bugs, please feel free to comment here.

It's important to note that the Scripts page has been renamed to 'Projects'. The scripts under this page have also had their URLs rewritten. I apologize if this breaks any bookmarks.

In the near future, there will also be a redesign of Packetbin. It's not likely to be too drastic but things will be changing a bit. We are still looking to find a good icon/logo for Packetbin, so if you have any thoughts, please feel free to comment here.

Thanks, Packetbin Administration

[ # ]

# Print the capture interface (the word after -i) of the first running snort process
ps -ef | grep snort | grep fp | awk -F -i '{ print $2 }' | awk '{print $1}' | head -n1
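An added example (not from the original post) that wraps the same parsing in a function reading ps -ef output from stdin, so it can be checked against a constructed sample instead of a live sensor. It drops the original's "grep fp" filter (specific to that environment), matches "[s]nort" so the grep process itself never matches, and splits on " -i " with surrounding spaces so "-i" inside another option cannot be mistaken for the interface flag.

```shell
#!/bin/sh
# Added example (not from the original post): extract snort's capture
# interface from ps -ef output supplied on stdin.
snort_capture_iface() {
    grep '[s]nort' | grep -- ' -i ' | awk -F' -i ' '{ print $2 }' | awk '{ print $1 }' | head -n 1
}

# Constructed ps -ef lines: two snort sensors, unrelated noise, and the
# grep process that the bare "grep snort" in the one-liner would also match.
SAMPLE_PS='root      1  0 0 09:00 ?  00:00:01 /sbin/init
root   2201  1  0 09:05 ?  00:01:12 /usr/sbin/snort -D -q -i eth1 -c /etc/snort/snort.conf
root   2310  1  0 09:06 ?  00:00:00 /usr/sbin/snort -D -q -i eth2 -c /etc/snort/lan.conf
root   3030  1  0 09:10 ?  00:00:00 grep snort'

# Prints "eth1": the interface of the first snort process listed.
printf '%s\n' "$SAMPLE_PS" | snort_capture_iface
```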

[ # ]

fw log -l -t -n <log file>

Notes:

  • The log file argument is optional; it defaults to $FWDIR/log/fw.log.
  • If the logging connections to the management or log server are active, the firewall is unlikely to be logging locally. This command only shows logs when the device is logging locally.
  • -n - Do not perform DNS resolution
  • -f / -t - Follow the log as it grows, similar to 'tail -f' on the file

[ # ]

// No SSL VPN
delete system services web-management

// With SSL VPN
set system services web-management http interface lo0.0
set system services web-management https system-generated-certificate
set system services web-management session session-limit 7

[ # ]

set deviceconfig setting logging log-suppression <enable/disable>
set deviceconfig setting logging max-log-rate <max logging rate>
set deviceconfig setting logging max-packet-rate <max packet logging rate>

Notes:

  • Log suppression rolls up repeated logs for a set amount of time (e.g. "saw <log> 10 times")

[ # ]

/usr/bin/passwd <username>

Notes:

  • On Check Point systems the bare 'passwd' command found in the PATH is a special Check Point script and does not work for changing passwords; call /usr/bin/passwd by its full path

[ # ]