How do I configure the management module machine for use with VigilEnt Security Agent for VPN-1/Firewall-1?
VigilEnt Security Agent for VPN-1/Firewall-1 1.1
VigilEnt Security Agent for VPN-1/Firewall-1 1.1.1
Follow the steps below on the management module computer to configure the Policy Editor to allow the agent to use the required ports.
- Open the Policy Editor on the Check Point management module computer.
- Set up the agent computer and the VigilEnt Security Manager (VSM) core computer as Network Objects.
- Add the TCP services that are described:
  - 256 Used for authenticating the agent to the management module.
  - 1621* Used for VigilEnt Security server.
  - 1625* Used for VigilEnt Log Analyzer.
    Note: Enable bi-directional traffic between the agent and the Log Engines on this port in your security policy. You also need to enable bi-directional traffic on the agent port (2261 by default).
  - 2261* Used for VSM and VSA for VPN-1/FireWall-1 services (VSM core to agent).
    Note: If you want to use an alternate port when you create the firewall host in VSOC, use that port number instead of 2261 when you configure the
  - 8443* Used for VSM to agent communications over SSL protocol.
  - 18183 Used for OPSEC services (agent to Check Point management module), FW1_sam.
  - 18184 Used for OPSEC services (agent to Check Point management module), FW1_lea.
  - 18185* Used for OPSEC services (agent to Check Point management module), OPSEC_ldap.
The rules that you configure in this step must come before any stealth rules or cleanup rules.
Port numbers that have an asterisk (*) after them need to be configured. Port numbers that do not have asterisks may already be configured.
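
The ordering requirement above matters because the rule base is evaluated top-down and the first matching rule wins. The following added example (not part of the original article or the product) audits a constructed rule list for the flows whose direction the article states; the object names `agent`, `vsm_core` and `mgmt`, the rule tuple layout, and the sample rules are assumptions made for illustration.

```python
# Added example: first-match audit of a constructed rule base.
# Object names (agent, vsm_core, mgmt) are hypothetical Network Object labels.
# Rule = (name, src, dst, ports, action); "any" is a wildcard.

REQUIRED_FLOWS = [
    ("agent", "mgmt", 256),       # agent authentication to management module
    ("vsm_core", "agent", 2261),  # VSM core to agent (default agent port)
    ("vsm_core", "agent", 8443),  # VSM to agent over SSL
    ("agent", "mgmt", 18183),     # OPSEC FW1_sam
    ("agent", "mgmt", 18184),     # OPSEC FW1_lea
    ("agent", "mgmt", 18185),     # OPSEC_ldap
]

def matches(rule, src, dst, port):
    _, r_src, r_dst, r_ports, _ = rule
    return (r_src in ("any", src) and r_dst in ("any", dst)
            and (r_ports == "any" or port in r_ports))

def first_match(rules, src, dst, port):
    """Return (1-based position, rule) of the first matching rule, or None."""
    for pos, rule in enumerate(rules, start=1):
        if matches(rule, src, dst, port):
            return pos, rule
    return None

def audit(rules, flows=REQUIRED_FLOWS):
    """Return the flows that no rule accepts before a drop rule catches them."""
    problems = []
    for src, dst, port in flows:
        hit = first_match(rules, src, dst, port)
        if hit is None:
            problems.append((src, dst, port, "no matching rule"))
        elif hit[1][4] != "accept":
            problems.append((src, dst, port, f"blocked by rule {hit[0]} ({hit[1][0]})"))
    return problems

# Constructed sample: agent rules placed after the stealth and cleanup rules.
# Assumption: the stealth rule's destination covers the management module.
BAD_ORDER = [
    ("stealth", "any", "mgmt", "any", "drop"),
    ("cleanup", "any", "any", "any", "drop"),
    ("agent-to-mgmt", "agent", "mgmt", {256, 18183, 18184, 18185}, "accept"),
    ("vsm-to-agent", "vsm_core", "agent", {2261, 8443}, "accept"),
]
GOOD_ORDER = BAD_ORDER[2:] + BAD_ORDER[:2]

if __name__ == "__main__":
    for finding in audit(BAD_ORDER):
        print(finding)
```

With the agent rules moved above the stealth and cleanup rules (`GOOD_ORDER`), the audit returns no findings.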