Check Point - Debugging NAT

In order to debug NAT on a checkpoint we need to obtain information via the following,

  1. Set the debugging buffer to 2 KB
  2. Enable 2 debugging flags
  3. Output your data
  4. Then to reset the debugging flags.

The commands are,

fw ctl debug -buf 2048
fw ctl debug xlate src
fw ctl kdebug -f >& /tmp/kdebug.out
fw ctl debug O  't been matched to any of the previous rules.