VMware Smart Assurance NCM: Checkpoint Firewall getting discovered as Generic device

Article ID: 345321

Products

VMware

Issue/Introduction

Symptoms:


Checkpoint firewall discovery in NCM fails to identify the correct driver, with the following messages in $VOYENCE_HOME/logs/autodisc.log:

discoverDriverViaSnmp: 10.x.x.x: (trying Driver #1000:CHECKPOINT) 
Executing function "CHECKPOINT::initialize"... 
Executing function "CHECKPOINT::discoverDevice"... 
DASL: Check Point Discovery 
SNMP-GET(.1.3.6.1.2.1.1.1.0)->Linux b118451cckcpf1001 2.6.18-92cp #1 SMP Thu Oct 15 17:02:54 IDT 2015 i686 
DASL: SNMP Check Point Discovery 
SNMP-GET(.1.3.6.1.4.1.2620.1.1.10.0)->Firewall 
SNMP-GET(.1.3.6.1.4.1.2620.1.1.10.0)->Firewall 
Executing function "CHECKPOINT::discoverDevice"...done #1.000000e+00 (1) 
discoverDriverViaSnmp: Driver #1000, Can't Manage this device 


The device is discovered with the Generic device class.


Environment

VMware Smart Assurance - NCM

Cause

NCM identifies a device as a CheckPoint Firewall when the value of OID 1.3.6.1.4.1.2620.1.1.10.0 contains "FireWall-1" and sysDescr (.1.3.6.1.2.1.1.1.0) does not contain "IP530".
Here the second condition is met but the first is not, so discovery picks the Generic driver.

SNMP-GET(.1.3.6.1.4.1.2620.1.1.10.0)->Firewall
SNMP-GET(.1.3.6.1.2.1.1.1.0)->Linux b118451cckcpf1001 2.6.18-92cp #1 SMP Thu Oct 15 17:02:54 IDT 2015 i686

This device type is not officially supported in NCM as of now. Raise a TASC request for official device support in upcoming NCM DSR releases.

Refer to the link below for how to submit a TASC request:

https://kb.vmware.com/s/article/334114?lang=en_US

Resolution

The following workaround can be added in DS to discover the device with the correct device class:
1) Create a directory named "checkpoint" under $VOYENCE_HOME/custompackage if it doesn't already exist, and copy all files from $VOYENCE_HOME/package/checkpoint into the newly created folder.
2) Open the devCP.dasl file in the $VOYENCE_HOME/custompackage/checkpoint/ directory and modify the lines below:

From:
(ProductCode.value == "FireWall-1"))
To:
(ProductCode.value == "FireWall-1" || ProductCode.value == "Firewall"))

From:
if (strfind (version, "FireWall-1") != -1) {
To:
if (strfind (version, "FireWall-1") != -1 || strfind (version, "Firewall") != -1) {

Save the file.

3) Restart the voyence service with the following command:
service voyence restart
4) Discover the device now.
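
The script below is an added example, not part of the original article or of VMware's tooling. It performs steps 1 and 2 with a backup and a check that both edits landed; the function names stage_package and patch_dasl are hypothetical. It assumes devCP.dasl contains the two "From" expressions exactly as quoted above, that the first replacement compares ProductCode.value with "Firewall" (the value the device returns in the log), and it skips the copy when the custom directory already exists.

```shell
#!/bin/sh
# Added example: steps 1-2 of the workaround. Function names are hypothetical.
# Usage (then continue with steps 3 and 4 by hand):
#   stage_package "$VOYENCE_HOME" &&
#   patch_dasl "$VOYENCE_HOME/custompackage/checkpoint/devCP.dasl"

# stage_package HOME_DIR: copy package/checkpoint to custompackage/checkpoint.
# Assumption of this example: an existing custom directory is left as it is,
# so earlier customisations are not overwritten.
stage_package() {
    src=$1/package/checkpoint
    dst=$1/custompackage/checkpoint
    [ -d "$src" ] || { echo "missing: $src" >&2; return 1; }
    if [ ! -d "$dst" ]; then
        mkdir -p "$dst" && cp -Rp "$src/." "$dst/"
    fi
}

# patch_dasl FILE: apply the two From/To edits quoted in the article.
# Writes to FILE.new first and replaces FILE only when both edited
# expressions are present; the first successful run keeps FILE.orig.
patch_dasl() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }
    sed -e 's/(ProductCode\.value == "FireWall-1"))/(ProductCode.value == "FireWall-1" || ProductCode.value == "Firewall"))/' \
        -e 's/if (strfind (version, "FireWall-1") != -1) {/if (strfind (version, "FireWall-1") != -1 || strfind (version, "Firewall") != -1) {/' \
        "$f" > "$f.new" || return 1
    if grep -Fq 'ProductCode.value == "Firewall"' "$f.new" &&
       grep -Fq 'strfind (version, "Firewall") != -1' "$f.new"; then
        [ -f "$f.orig" ] || cp -p "$f" "$f.orig"
        mv "$f.new" "$f"
        return 0
    fi
    rm -f "$f.new"
    echo "expected expressions not found in $f; file left unchanged" >&2
    return 1
}
```

Running patch_dasl a second time leaves the file as it is, because the original expressions no longer match.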