April 29, 2009
How to allow new OPSEC connections to LEA service
For a security project I created an OPSEC application in a Check Point SecurePlatform NG environment.
To allow a connection between this application and LEA, Check Point must be configured.
For this purpose I used five steps.
1) Log in to the management console
2) Switch to expert mode
3) Edit $FWDIR/conf/fwopsec.conf, adding:
lea_server auth_port 18184
lea_server port 0
lea_server auth_type sslca
lea_server ip 18184 sslca
(the sslca option is used for SSL with certificates)
4) Run the fwstop command
5) Run the fwstart command
After this configuration, Check Point was ready for an OPSEC connection on LEA port 18184 (the default port)!
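
A quick way to confirm the file ended up in the authenticated-only state that step 3 aims for, written as an added example (not part of the original post or of Check Point's tooling). The function name check_lea_conf is hypothetical, the sample input is constructed from the lines in step 3, and the check assumes that `lea_server port 0` means the unauthenticated LEA listener is switched off.

```shell
#!/bin/sh
# Audit the lea_server directives of an fwopsec.conf-style file.
# Reads the file given as argument (or stdin) and prints one finding per
# directive. Returns 0 only when LEA is reachable on an authenticated port,
# the clear port is 0 and auth_type is sslca.
check_lea_conf() {
    awk '
        /^[ \t]*#/          { next }   # ignore commented-out directives
        $1 != "lea_server"  { next }   # only LEA settings matter here
        $2 == "auth_port"   { auth_port = $3 }
        $2 == "port"        { port = $3 }
        $2 == "auth_type"   { auth_type = $3 }
        END {
            bad = 0
            if (auth_port == "" || auth_port == "0") {
                print "FAIL: no authenticated LEA port (lea_server auth_port)"; bad = 1
            } else print "OK:   authenticated LEA port " auth_port
            if (port != "0") {
                print "FAIL: unauthenticated LEA port is " (port == "" ? "unset" : port) ", expected 0"; bad = 1
            } else print "OK:   unauthenticated LEA port disabled (port 0)"
            if (auth_type != "sslca") {
                print "FAIL: auth_type is " (auth_type == "" ? "unset" : auth_type) ", expected sslca"; bad = 1
            } else print "OK:   auth_type sslca"
            exit bad
        }' "$@"
}

# Constructed sample: the four lines added in step 3.
# On the management server, run instead: check_lea_conf "$FWDIR/conf/fwopsec.conf"
check_lea_conf <<'EOF'
lea_server auth_port 18184
lea_server port 0
lea_server auth_type sslca
lea_server ip 18184 sslca
EOF
```

A missing directive is reported as a finding because the steps above set all three explicitly; the restart in steps 4 and 5 is still needed before the running service matches the file.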