How do I configure the management module machine for use with VigilEnt Security Agent for VPN-1/Firewall-1? (NETIQKB30612)

  • 7730612
  • 02-Feb-2007
  • 07-Jul-2008

Resolution

goal
How do I configure the management module machine for use with VigilEnt Security Agent for VPN-1/Firewall-1?

fact
VigilEnt Security Agent for VPN-1/Firewall-1 1.1

fact
VigilEnt Security Agent for VPN-1/Firewall-1 1.1.1

fix

Follow the steps below on the management module computer to configure the Policy Editor to allow the agent to use the required ports.

  1. Open the Policy Editor on the Check Point management module computer.
  2. Define the agent computer and the VigilEnt Security Manager (VSM) core computer as Network Objects.
  3. Add the following TCP services:
    • 256 Used to authenticate the agent to the management module.
    • 1621* Used by the VigilEnt Security server.
    • 1625* Used by VigilEnt Log Analyzer.
      Note: Allow bi-directional traffic between the agent and the Log Engines
      on this port in your security policy. You also need to allow bi-directional
      traffic on the agent port (2261 by default).
    • 2261* Used for VSM and VSA for VPN-1/FireWall-1 services (VSM core to agent).
      Note: If you choose an alternate port when you create the firewall host
      in VSOC, use that port number instead of 2261 when you define the
      TCP service.
    • 8443* Used for VSM-to-agent communications over SSL.
    • 18183 Used for OPSEC services (agent to Check Point management module), FW1_sam.
    • 18184 Used for OPSEC services (agent to Check Point management module), FW1_lea.
    • 18185* Used for OPSEC services (agent to Check Point management module), OPSEC_ldap.
  4. Configure one rule that allows the agent-to-VSM-core service and a second rule that allows the VSM-core-to-agent service.
  5. Proceed to "Testing the Event Stream" on page 60 of the User Guide.


note
The rules that you configure in step 4 must be placed above any stealth rule or cleanup rule. Check Point evaluates the rulebase top-down and the first matching rule decides, so a stealth rule (drop everything addressed to the firewall or management module) that sits above the agent rules silently drops the agent's authentication and OPSEC connections to the management module.

note
Port numbers that have an asterisk (*) after them need to be configured. Port numbers that do not have asterisks may already be configured.
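The ordering requirement above is easy to verify offline by modelling the rulebase with first-match semantics. The following script is an added example written for this page; it is not NetIQ or Check Point code. The host names (`vsa-agent`, `vsm-core`, `cp-mgmt`) are constructed, and the list of required flows is an assumption derived from the port descriptions in step 3 (agent to management module on 256 and the OPSEC ports, bi-directional on 1625 and 2261, VSM core to agent on 8443); adjust it to your own deployment.

```python
from dataclasses import dataclass

ANY = "*"

# Constructed network objects for step 2 (names are assumptions).
AGENT = "vsa-agent"       # VigilEnt Security Agent host
VSM_CORE = "vsm-core"     # VigilEnt Security Manager core
MGMT = "cp-mgmt"          # Check Point management module

# Flows the agent needs. Directions are inferred from the article's port
# descriptions; treat this list as an assumption and adjust it per site.
REQUIRED_FLOWS = [
    (AGENT, MGMT, 256),        # authenticate agent to management module
    (AGENT, MGMT, 18183),      # FW1_sam
    (AGENT, MGMT, 18184),      # FW1_lea
    (AGENT, MGMT, 18185),      # OPSEC_ldap
    (AGENT, VSM_CORE, 1621),   # VigilEnt Security server
    (AGENT, VSM_CORE, 1625),   # Log Analyzer, bi-directional
    (VSM_CORE, AGENT, 1625),
    (AGENT, VSM_CORE, 2261),   # agent port (2261 by default), bi-directional
    (VSM_CORE, AGENT, 2261),
    (VSM_CORE, AGENT, 8443),   # VSM to agent over SSL
]


@dataclass(frozen=True)
class Rule:
    name: str
    src: str
    dst: str
    ports: frozenset   # frozenset({ANY}) matches every port
    action: str        # "accept" or "drop"

    def matches(self, src, dst, port):
        return (self.src in (ANY, src)
                and self.dst in (ANY, dst)
                and (ANY in self.ports or port in self.ports))


def first_match(rulebase, src, dst, port):
    """Check Point rulebases are evaluated top-down: the first matching
    rule decides, and anything left unmatched is dropped implicitly."""
    for rule in rulebase:
        if rule.matches(src, dst, port):
            return rule.action, rule.name
    return "drop", "implicit-drop"


def blocked_flows(rulebase):
    """Return the required flows this rulebase would not accept, each
    paired with the name of the rule that blocks it."""
    result = []
    for src, dst, port in REQUIRED_FLOWS:
        action, name = first_match(rulebase, src, dst, port)
        if action != "accept":
            result.append(((src, dst, port), name))
    return result


# The rules from steps 3 and 4, plus a typical stealth and cleanup rule.
AGENT_RULES = [
    Rule("vsa-to-mgmt", AGENT, MGMT, frozenset({256, 18183, 18184, 18185}), "accept"),
    Rule("agent-to-core", AGENT, VSM_CORE, frozenset({1621, 1625, 2261}), "accept"),
    Rule("core-to-agent", VSM_CORE, AGENT, frozenset({1625, 2261, 8443}), "accept"),
]
STEALTH = Rule("stealth", ANY, MGMT, frozenset({ANY}), "drop")
CLEANUP = Rule("cleanup", ANY, ANY, frozenset({ANY}), "drop")


def correct_order():
    """Agent rules above stealth and cleanup, as the note requires."""
    return AGENT_RULES + [STEALTH, CLEANUP]


def wrong_order():
    """Stealth rule above the agent rules: the agent's authentication and
    OPSEC connections to the management module are dropped."""
    return [STEALTH] + AGENT_RULES + [CLEANUP]


if __name__ == "__main__":
    for label, rulebase in (("correct", correct_order()), ("wrong", wrong_order())):
        print(f"{label} order blocks: {blocked_flows(rulebase)}")
```

Running the script shows the correct ordering blocks nothing, while the misordered rulebase reports the four agent-to-management-module flows dropped by the stealth rule; the agent-to-core and core-to-agent flows pass either way because the stealth rule only covers traffic addressed to the management module.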


Additional Information

Formerly known as NETIQKB30612