Check Point - Debugging NAT

In order to debug NAT on a checkpoint we need to obtain information via the following,

  1. Set the debugging buffer to 2 KB
  2. Enable 2 debugging flags
  3. Output your data
  4. Then to reset the debugging flags.

The commands are,

fw ctl debug -buf 2048
fw ctl debug xlate src
fw ctl kdebug -f >& /tmp/kdebug.out
fw ctl debug O  't been matched to any of the previous rules.

About the Author


R Donato

Rick Donato is the Founder and Chief Editor of He currently works as an SDN/NFV Solutions Architect and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001