Saturday, 26 November 2011

CheckPoint: How to Export a list of VPN Users for Auditors

Hi Everyone,

Apologies for not uploading anything interesting as of late. My time has been almost entirely consumed with learning Juniper, which I may create a separate page for sometime in the future to detail those experiences.

Anyways, I've had a few requests for an easy way to supply auditors a list of VPN user details without having to resort to manually grep'ing through $FWDIR/conf/fwauth.NDB to generate a usable report.

While it's not as easy as say, Cisco's 'show run | i users', it's pretty close:

[Expert@R75-A]# fwm dbexport -f /tmp/users_dump.xls

You'll notice that the results you need are formatted *terribly* in the initial output. Each user will look something like this:
[Expert@R75-A]# cat /tmp/users_dump.xls
Milton;    black;    {Awesome_Employees};    {Any};    {Any};    Internal Password;    00:00;    23:59;    31-dec-2030;    {MON,TUE,WED,THU,FRI,SAT,SUN};    Auth;    YIH14pBTDJvJ6;    ;    ;    ;    ;    ;    Any;    {};    {,,None};    ;    ESP;    SHA1;    3DES;    ;    {DES,3DES};    {MD5,SHA1};    {signatures};    ;    Any;    ;    false;    ;   
However, if you import this file into Excel/Libre Calculator and specify "Separated by" with Tab, Semicolon, and Space, it becomes perfectly readable and ready to submit to the auditor.

I'm running low on idea's at the moment, so if you'd like to know how to do anything CheckPoint related, let me know!



  1. This comment has been removed by a blog administrator.

  2. great!
    Can I export name and email to a file?
    It seems that db has no email context.

  3. This comment has been removed by a blog administrator.

  4. This comment has been removed by the author.

  5. Hello,

    I would like to export the list of vpn users last login.
    I tried the command above but i get an error message which says:

    This is not a Security Management Server station

    Could you please help?