April 29, 2009

How to allow new OPSEC connections to LEA service

Posted in Checkpoint Secure Platform at 3:39 pm by alessiodini


For a security project I created an OPSEC application in a Checkpoint Secure Platform NG environment.
To allow a connection between this application and LEA, Checkpoint must be configured.
For this purpose I used five steps.

1) Log in on the management console
2) Switch to expert mode
3) Edit $FWDIR/conf/fwopsec.conf, adding:

lea_server auth_port 18184
lea_server port 0
lea_server auth_type sslca
lea_server ip 18184 sslca

(the sslca option is used for SSL with certificate)

4) Run the fwstop command
5) Run the fwstart command

After this configuration Checkpoint was ready for an OPSEC connection on LEA port 18184 (the default port)!
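
A check that can be run in expert mode after step 3 and before the restart, to confirm that the edited file offers LEA only on the authenticated port. This is an added example, not part of the original post: the function names and messages are made up here, it assumes that "port 0" means no clear-text LEA port, and it treats a missing line as a failure.

```shell
#!/bin/sh
# Added example (not from the original post): audit the lea_server lines
# of a fwopsec.conf. Function names and messages are illustrative.

# Print the last value set for "lea_server <key>", skipping comment lines.
lea_value() {
    awk -v key="$2" '
        $1 ~ /^#/ { next }
        $1 == "lea_server" && $2 == key { val = $3 }
        END { print val }
    ' "$1"
}

# Return 0 only if the file asks for LEA on an authenticated port alone.
check_lea_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }
    auth_port=$(lea_value "$conf" auth_port)
    clear_port=$(lea_value "$conf" port)
    auth_type=$(lea_value "$conf" auth_type)
    rc=0
    case "$auth_port" in
        ''|0) echo "FAIL: no authenticated LEA port (auth_port) set"; rc=1 ;;
        *)    echo "OK: authenticated LEA port $auth_port" ;;
    esac
    # Assumption of this example: port 0 disables the clear-text listener.
    if [ "$clear_port" != "0" ]; then
        echo "FAIL: clear-text LEA port is '${clear_port:-unset}', expected 0"
        rc=1
    fi
    if [ "$auth_type" != "sslca" ]; then
        echo "FAIL: auth_type is '${auth_type:-unset}', expected sslca"
        rc=1
    fi
    return $rc
}

# Run against a file only when a path is given, e.g.
#   sh check_lea.sh "$FWDIR/conf/fwopsec.conf"
if [ $# -gt 0 ]; then check_lea_conf "$1"; fi
```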
