This article applies to:
Question:
How do I upgrade a Check Point Firewall when LEA logging is enabled?
Procedure:
When upgrading the Check Point Firewall, a new log file will be created. The Firewall Suite product, through the lastrecord.txt file, will try to start retrieving information from the point at which Firewall Suite last got information. Unfortunately, the entry in the lastrecord.txt file will not be for this new log file, but rather will be for the log file that previously existed. If this is the case, then Firewall Suite will not retrieve information. By removing the lastrecord.txt file, and restarting the LEA service, the retrieval process is reset, to prepare for the newly created log file on the Check Point Firewall.
Steps to re-enable logging when using the LEA service are found below:
- Turn off the Firewall Suite LEA server service.
- Upgrade the Check Point firewall.
- Delete the lastrecord.txt files in the log file directory, located below:
c:\Program Files\WebTrends Firewall Suite\LeaCache\x_x_x_x.dat
[where x_x_x_x is the internal IP for the firewall]
Note: There will always be a lastrecord.txt file, and there may be a second file with a name beginning with "lastrecord" if the alog files are being logged.
- Restart the LEA server service.
- The logging should now continue.
- This article was previously published as:
- NETIQKB1728
