TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
> Hi, > > * I'm using an (NT 4.0 server,SP6a, IE4 and ISS Real secure 5.0) as my > network sensor. > * My Checkpoint firewall is Version 4.1 and is installed on Solaris > 2.7. > * My network sensor Is communicating with the Console. > * While I try to integrate the Checkpoint firewall with Real secure > its not working. > > First I have made the following changes in my firewall. > > under $FWDIR\conf > vi fwopsec.conf > > sam_server ip <ip address > of my firewall> > sam_server auth_port 18183 > lea_server auth_port 18184 > ela_proxy auth_port 18187 > #ela_proxy auth_type ssl_opsec > (commented out) > ela_proxy auth_type auth_opsec > (this line is newly added) > ela_proxy fwd_machine <ip address > of my Firewall> > > # authenticated connections for servers > # server <server IP> <service port> > auth_opsec > server 127.0.0.1 18181 > auth_opsec > server 127.0.0.1 18182 > auth_opsec > > sam_allow_remote_requests yes > > Under $FWDIR\bin > > # fw putkey -opsec <IP addess of the real secure Network Sensor> > password:******** > Confirm Password:******** > > Then I went to Real secure Network Sensor > > Under \program files\iss\realsecure5.0 > > >opsec_putkey <IP address of the Firewall> > > * I could receive the following message > > "OPSEC: Received new security control key from <ip > of firewall>" > "Authentication with <ip of firewall> > initialized" > > I have configured the console global response and restored the same for > the Network sensor > My console shows me the attacks which are happening and the response is > OPSEC source IP block. Sensor is also sending the request to block the > source. > > But my fire wall log is not showing me the SAM request. Also the attacker > is not getting blocked. > > > Can you help me in figuring out to identify and rectify the mistake? > > waiting for your reply > > Thanks and rgds > Balaji T R
