21.2.10 - sapwalk (v 21.5 & v 25.0) both fail with on Auth MD5 (pro priv)
Article ID: 248742
Updated On:
Products
Issue/Introduction
Hi Team,
21.2.10 - sapwalk (v 21.5) & v 25.0) both fail with on Auth MD5 (pro priv) & SysObjID 1.3.6.1.4.1.2620.1.6.123.1.64
Windows fails with:
CP 15400 does not crash (with same credentials), sysObjID is ...63
Checkpoint Firewall with sysObjID ...64, crashes sapwalk2
All have at least one (1) virtual
These are all Physicals
SysObjID ...63 _does not_ crash sapwalk2 (or sapwalk2 v25)
SysObjID ...64 _does_ crash sapwalk2 (or sapwalk2 v25)
sapwalk2 -v v3 -s 1.3.6 -u spectrumv3 -l AP -xt MD5 -xa xxxxxxxxxxxxxxxxxxxxxxx -i 10.xxx.xxx.xxx
10.254.141.100
1.3.6.1.4.1.2620.1.6.123.1.64
Checkpoint Firewall
crashes sapwalk2
Environment
Release : 21.2
Component : DX NetOps Spectrum General
Cause
Incorrect authentication provided in the syntax
Correct syntax to use Anp (Authentication No Privacy) instead of Authentication with Privacy.
sapwalk2 -v v3 -s 1.3.6 -u spectrumv3 -l AnP -xt MD5 -xa xxxxxxxxxxxxxxxxxxxxxxx -i 10.254.141.100
===================================
sapwalk2 -v v3 -s 1.3.6 -u spectrumv3 -l AP -xt MD5 -xa xxxxxxxxxxxxxxxxxxxxxxx -i 10.254.141.100
10.254.141.100
1.3.6.1.4.1.2620.1.6.123.1.64
Checkpoint Firewall
crashes sapwalk2
-l is Authentication Type
- nAnP (no Authentication No Privacy)
- AnP (Authentication No Privacy)
- AP (Authentication with Privacy)
Resolution
Since the Checkpoint FW's with SysObjID 1.3.6.1.4.1.2620.1.6.123.1.64 using MD5 as the Auth (no Privacy), then the correct syntax would be
sapwalk2 -v v3 -s 1.3.6 -u spectrumv3 -l AnP -xt MD5 -xa xxxxxxxxxxxxxxxxxxxxxxx -i 10.xxx.xxx.xxx
-l is Authentication Type
- nAnP (no Authentication No Privacy)
- AnP (Authentication No Privacy)
- AP (Authentication with Privacy)
Feedback
