|Applies To||enVision Core Other|
LEA Client is running
|Issue||Integrating checkpoint logs with Envsion|
There are various things that could cause issues with collecting from Check Point:
Make sure the Check Point Log Viewer is receiving events.
Check Ports are available on both sides:
FW1 (256): Non-authenticated connections
FW_lea (18184): Non-authenticated / authenticated connections
FW_ica_Pull (18210): Sending the Cert file to the appliance
LEA Client Service, check that this has been setup correctly.
If the LEA Client configuration looks good you can enable debugging by going into the enVision Web UI to the Manage Lea Service screen. Select the advanced option triangle and check off the debug option. This will restart the lea service and begin generating 2 debugging file out under the logs folder. LeaConnectionName_opsec_output.log, LeaConnectionName_checkview.log. These 2 files combined will give you a better idea of what is happening during the connection. If using non-auth you would need to modify the port and auth port settings in the fwopsec.conf file for that to work
|Legacy Article ID||a41323|