Blue Coat ProxySG – Splash Page Updates

In my previous blathering’s about BlueCoat splash pages, I always had used the variable $(cs-categories) to identify which BlueCoat WebFilter (BCWF) the requested URL was a child of. But this displays ALL the categories that a specific URL/site is a member of, not just the one that is the criteria for the block. In your…

Read More »

Blue Coat ProxySG – Issues Upgrading SGOS From 5.5.x.x to 6.2.x.x

Following an upgrade on an SG600-10, from 5.5.3.31 to 6.2.9.1, I encountered the errors below, and was unable to pass traffic thru the proxy using the BlueCoat WebFilter categories for “Allow”/”Deny”. As this specific ProxySG is a non-production device, there are very minimal users working with it, and the first I noticed of the issue,…

Read More »

Check Point Quick Reference – Tcpdump

NOTE: fw monitor operates above layer 2 and does not include mac address information – cant see ARP messages. tcpdump can see layer 2 ARP messages This is one of the most common tcpdump commands: (looks for packets from a src to dst, need to specify interface) tcpdump nn-i eth2 host 11.11.11.11 and host 22.22.22.22…

Read More »

Check Point Quick Reference – FW Monitor

Overview: FW Monitor is a built-in firewall tool which needs no separate install on the device you wish to capture packets and interrogate connections. It is a functionality provided with the installation of the FW-1 package and syntax is also identical across all FW-1 installations. FW Monitor allows for sampling the connection from 4 different…

Read More »

Firewall Commands For Identifying Specific Routes

The Question: Identify the route to specific destination/target without using the routing table (more specific) I was asked the question today, and blanked out… I have ran the Cisco and CheckPoint IPSO versions, but not Splat, but still couldnt pull it from memory. Once I looked it up, I felt silly, but know it will…

Read More »

CheckPoint SmartDashboard – Missing Menu

Was just bouncing around updating rules in some firewalls, and noticed that the menu bar at the top of the window was missing… After some searching, I found that a registry setting needed to be modified, to restore the menu bar. Here is the registry path: HKEY_CURRENT_USER\Software\CheckPoint\Management Clients\6.2.01\R75.10\Check Point SmartDashboard\Check Point SmartDashboard\Toolbar States\ToolBar-Bar0 You will…

Read More »

FTP Client Authentication Syntax For BlueCoat ProxySG

In this example the syntax used is the “Checkpoint” method. FileZilla Open FileZilla Edit–>Settings…–>FTP–>FTP Proxy–>Click Custom–>Enter the syntax below: USER %u@%s@%h PASS %p@%w Fill in the following: Proxy Host – 123.123.123.123 Proxy User – NTID Proxy Pass – NTPass Click OK to get to the main screen again. Fill in the following: Host: – ftp.server-u-need-2-get-2.com…

Read More »

Blue Coat – HowTo Set Up A Policy Trace To Debug Access Issues

Problem Description: Policy tracing is primarily used when debugging access to web sites. When something is allowed and it should be denied, or vice-versa, using the policy trace feature is the best way to diagnose the issue. Resolution: Enabling a policy trace Open the “Configuration” tab, expand “Policy” radio button Launch the visual policy manager…

Read More »

Useful Stuff

This post is a quasi-holding place for uncategorized things at the moment, with no rhyme or reason as to why its here or somewhere else: SCP files from a linux box or firewall to another linux box: SYNTAX = scp /path/to/local/file user@remote_host:/path/to/file/on/remote/host EXAMPLE = scp /var/tmp/todays-date-kernel-debug.tgz user@firewall-hostname:/var/tmp/todays-date-kernel-debug.tgz

Read More »