I have added my Check Point CMA object to MARS, but am not getting seeing any log information. My CLM is a separate server (child enforcement module), which is discovered OK when the intial CMA discovery takes place in MARS. I have configured the Log Info settings for the CLM entry in MARS with the SIC details for the Check Point MARS and CLM objects.
I've created a simple query to gather outbound ftp data (for which there is lots) and I am seeing nothing when running this query in MARS. The associated CLM log shows plenty of entries. I am keen to be able to get some historical logging data via MARS, so any help to resolve this issue would be appreciated.
CS-MARS<>Check Point integration can be very tricky and is very dependent on the versions of software involved. You may be able to find out some additional insight into the process by raising the CS-MARS logging level for Check Point and monitoring the output. This is accomplished from the CS-MARS CLI:
[pnadmin]$ pnlog setlevel cpdebug
You can then view the messages via the CLI as well:
[pnadmin]$ pnlog show cpdebug
If this does not shed any light on the communication between CS-MARS and the Check Point devices, it would be best to open a service request with TAC to further troubleshooting can be performed.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...