The system checks the NAT, IPSec VPN, and ACL policy information about firewalls during path calculation to demonstrate accurate traffic path status, but this information cannot be retrieved directly via CLI commands for CheckPoint firewalls. To solve this problem, the system provides CheckPoint OPSEC Manager to retrieve the data from your existing CheckPoint OPSEC management system, save the data and further use it during path calculation.
2.In the Domain Management page, select Operations > Benchmark Tools > CheckPoint OPSEC Manager from the quick access toolbar.
3.In the CheckPoint OPSEC Manager, click Add.
1)Enter the information to access the CheckPoint firewall management system. For example, CheckPoint SmartDashboard.
▪SIC Name — the OPSEC client DN which is the secure key to communicate with the management system.
▪Username — the username to log in to the SmartDashboard.
▪Password — the password to log in to the SmartDashboard.
▪IP Address — the IP address of the SmartDashboard.
▪Port — the communication port of the SmartDashboard. By default, the port number is 18190.
▪Front Server/Front Server Group — the Front Server or Front Server group that will be used to access the SmartDashboard and collect data from it.
4.Go to schedule a Benchmark task, select the NAT Table and IPsec VPN Table options to retrieve the NAT, IPsec VPN and ACL information for path calculation.
The procedures to obtain DN in Checkpoint firewall management system vary depending on domain environments: