Saturday 26 November 2011

CheckPoint: How to Export a list of VPN Users for Auditors

Hi Everyone,

Apologies for not uploading anything interesting as of late. My time has been almost entirely consumed with learning Juniper, which I may create a separate page for sometime in the future to detail those experiences.

Anyways, I've had a few requests for an easy way to supply auditors a list of VPN user details without having to resort to manually grep'ing through $FWDIR/conf/fwauth.NDB to generate a usable report.

While it's not as easy as, say, Cisco's 'show run | i users', it's pretty close:


[Expert@R75-A]# fwm dbexport -f /tmp/users_dump.xls

You'll notice that the results you need are formatted *terribly* in the initial output. Each user will look something like this:

[Expert@R75-A]# cat /tmp/users_dump.xls
Milton;    black;    {Awesome_Employees};    {Any};    {Any};    Internal Password;    00:00;    23:59;    31-dec-2030;    {MON,TUE,WED,THU,FRI,SAT,SUN};    Auth;    YIH14pBTDJvJ6;    ;    ;    ;    ;    ;    Any;    {};    {,,None};    ;    ESP;    SHA1;    3DES;    ;    {DES,3DES};    {MD5,SHA1};    {signatures};    ;    Any;    ;    false;    ;   

However, if you import this file into Excel/LibreOffice Calc and specify "Separated by" with Tab, Semicolon, and Space, it becomes perfectly readable and ready to submit to the auditor.
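
As an alternative to the spreadsheet import, here is an added example (not part of the original post) that converts the dump to CSV and withholds the value after "Auth" in the sample row, which appears to be the stored password value and is not something an auditor needs. The field positions, column labels, function names and output path are assumptions inferred from the sample row above, and the sample input is constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# ASSUMPTION: field positions and column labels are inferred from the sample
# row shown on this page; check them against your own dump before relying on it.
HASH_COL=12                 # field after "Auth" in the sample row
KEEP_COLS="1 3 6 7 8 9 10"  # user, groups, auth method, hours, expiry, days

# Constructed sample input in the page's layout, with a placeholder hash.
sample_dump() {
cat <<'EOF'
Milton;    black;    {Awesome_Employees};    {Any};    {Any};    Internal Password;    00:00;    23:59;    31-dec-2030;    {MON,TUE,WED,THU,FRI,SAT,SUN};    Auth;    PLACEHOLDERHASH;    ;    ;
EOF
}

# vpn_users_csv [FILE...]  reads the dump (stdin if no FILE), writes CSV.
vpn_users_csv() {
    awk -F';' -v hash_col="$HASH_COL" -v keep="$KEEP_COLS" '
    function trim(s) { gsub(/^[ \t\r]+|[ \t\r]+$/, "", s); return s }
    # Quote a field when it contains a comma or a double quote.
    function csv(s) {
        if (s ~ /[",]/) { gsub(/"/, "\"\"", s); return "\"" s "\"" }
        return s
    }
    BEGIN {
        n = split(keep, cols, " ")
        print "user,groups,auth_method,from,to,expires,days,password_set"
    }
    NF >= hash_col && trim($1) != "" {
        line = ""
        for (i = 1; i <= n; i++) line = line csv(trim($(cols[i]))) ","
        # Report only whether a password value exists, never the value.
        pw = (trim($hash_col) != "") ? "yes" : "no"
        print line pw
    }' "$@"
}

# Usage (output path is a placeholder):
#   vpn_users_csv /tmp/users_dump.xls > /tmp/vpn_users_audit.csv
```

The raw dump in /tmp still holds the withheld field, so remove it once the report has been generated.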

I'm running low on ideas at the moment, so if you'd like to know how to do anything CheckPoint related, let me know!

Cheers,