UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21. Read more.
UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21.Read more.
Captain
Captain
526 views

Can't connect to LEA Server

Hi All,

I'm having trouble configuring Checkpoint OPSEC Smart Connector. Kindly see screenshot.

Capture.PNG

Checkpoint mgmt server is reachable. The lea port is reachable as well via telnet. The configuration on the side of the checkpoint are as follows,

lea server                  18184

lea server auth port 0

 

However, the LEA client can't connect to the LEA server. Please help determine what are causes of this error & how to resolve this.

 

 

Thanks,

Nathan Pitero

0 Likes
2 Replies
Fleet Admiral
Fleet Admiral

Hello,

1) I will assume that you are trying to use Clear Connection type to Checkpoint.

2) In CheckPoing guide I can see following:
--------------------------
Edit the fwopsec.conf file to contain the following lines:
lea_server port 18184  
lea_server auth_port 0
--------------------------

3) In your question I can see:
lea server 18184
lea server auth port 0

So be sure that in the "fwopsec.conf" you have this exactly as it is noted in the Guide and that you did "cpstop/cpstart".

4) Also you can "DEBUG" the connection to see if you can see something, in Guide topic is called "Executing lea_client Under OPSEC Debug Mode".

5) Side note is that this is 32 bit SmartConnector and they are going EoL 04/2018 and there is no 64 bit version of this SmartConnector as it uses Lea Client API libraries from CheckPoint that are only 32 bit. You should consider using CheckPoint Syslog SmartConnector. Also there are some issues on Windows platform that you may experience so I would suggest to try with RHEL/CentOS now when as you are doing it as there there are no such issues.

Regards,

Marijo

0 Likes
Lieutenant Commander
Lieutenant Commander

Hi ,

Also , check the conenctivity from Lea Client(Connector Server) and make sure you are able  to telnet on port 18184 to the Management Server .

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.