fir3net
PPS-Firenetbanner-780.5x190-30-03-17

Check Point - Debugging NAT

In order to debug NAT on a checkpoint we need to obtain information via the following,

  1. Set the debugging buffer to 2 KB
  2. Enable 2 debugging flags
  3. Output your data
  4. Then to reset the debugging flags.

The commands are,

fw ctl debug -buf 2048
fw ctl debug xlate src
fw ctl kdebug -f >& /tmp/kdebug.out
fw ctl debug O  't been matched to any of the previous rules.

About the Author

RDonato

R Donato

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001