Errors found in $FWDIR/conf/ipassignment.conf-checkpoint-all
Vendor: checkpoint
OS: all
Description:
The ipassignment.conf file is used for remote access VPN configuration. Any errors in the file’s contents will be alerted on by indeni.
Remediation Steps:
See https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk105162
vpn_ipafile_check_vsx
name: vpn_ipafile_check_vsx
description: run "vpn ipafile_check $FWDIR/conf/ipassignment.conf" on all vs in VSX
type: monitoring
monitoring_interval: 60 minutes
requires:
vendor: checkpoint
role-firewall: true
vsx: true
comments:
ipassignment-conf-errors:
why: |
To check if there are errors in the $FWDIR/conf/ipassignment.conf, that could cause Remote Access VPN clients
to notconnect successfully. See Check Point KB article SK105162:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk105162
how: |
By using the Check Point built-in "vpn ipafile_check" command, the content of $FWDIR/conf/ipassignment.conf
can be verified to be correct.
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
file: vpn-ipafile-check-vsx.remote.1.bash
parse:
type: AWK
file: vpn-ipafile-check-vsx.parser.1.awk
checkpoint_ipassignment_errors
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/checkpoint_ipassignment_errors.scala