Sunday, 5 April 2020

How to open a Service Request (SR) - Check Point Software || NetworKHelp

at No comments:

TOP Troubleshooting Command Line for Checkpoint R80 || NetworKHelp

at No comments:

CPView Utility – Why you need to use this tool more often || Checkpoint ...

at No comments:

Vulnerability remediation of Weak SSL Cipher Suites,TLSv1 from Checkpoin...

at No comments:

Tuesday, 17 March 2020

                 



➧Follow Www.NetworkHelp.org on: Facebook: https://www.facebook.com/NetworkHelp-... YouTube: https://www.youtube.com/channel/UCXDX... Blogger: https://networkhelpit.blogspot.com/ WhatsApp : +91 8950508849 Category : Education

Category

Education

  1. How do I backup and restore an MDS?
  2. What is Provider-1?
  3. How to merge CMA's
  4. provider-1 problem waiting
  5. Provider-1 mdsbackup
  6. Exporting from Provider-1
  7. Provider-1 NG R55 - Re-Authenticating with SecurID Authentication
  8. Separating MDS manager from container
  9. Provider-1 Running Slow
  10. Provider-1 Global Objects
  11. MDG Software
  12. Provider-1 mds_backup no cp.license
  13. Moving existing management server into PR1
  14. Logging in Provider1 (NGX)
  15. Provider-1 backups on SPLAT
  16. mds_backup vs backup on PR1 (SPLAT)
  17. Restoring from a backup - compression errors !
  18. what is CPprofile.sh
  19. Provider-1 VSX NG AI
  20. Bridge Mode on VPN-1 NGX
  21. How to migrate firewall from different CMA?
  22. Migration from P1's CMA back to Mng Server
  23. Preconfiguring the IP for CMA on SPLAT
  24. After in-place upgrade R60A to R61 operations fail on some CMA's
  25. Provider-1 FWM Process
  26. Provider-1 and Solaris multipathing?
  27. How to Fetch logs from VSX?
  28. cma_migrate error
  29. Provider-1 Migration
  30. Problems: P1 R60 trying to manage R61 VPN Pro
  31. P1 Customer Properties
  32. Modules intermittently showing "Needs attention"
  33. Patching PR1 NGX R60 with HFA04
  34. P-1 R61/NG FP3 SIC issues
  35. Moving a MDS that is also a CA
  36. Provider-1: Migration from R60 to R61HFA1
  37. Provider-1: How to do a fwm sic_reset on a particular CMA?
  38. Installing a Secondary MDS Manager NGX
  39. Provider-1 vs. SiteManger-1
  40. mdsquerydb / cpmiquerybin
  41. upg/new install from r55 to r61 on new server and use modified cp-admins.C off R55
  42. cp-gui-clients.C file the same between R55 and R61 ?
  43. Problems introducing a new remote secondary Provider 1 server (Provider1 NGX R60 HFA0
  44. Monitoring Provider-1/SiteManager-1 Status
  45. provider-1 credentials - not passing to SmartDashboard
  46. securing Provider-1 assets
  47. Introducing Smartcentre logging server into PR1 NGX
  48. 2 MLMs defined - how can I confirm syncing ?
  49. provider1 - bad or good?
  50. Provider-1 intermittent problems
  51. CMA migrate
  52. Provider-1/sitemanager-1
  53. SIC CMA on Backup Provider
  54. logging to 2 different CLM versions of Provider-1?
  55. Provider-1 NGx R65 and licensing issue
  56. SmartCenter to CMA
  57. restore
  58. Provider-1 Global Policy unable to be applied
  59. How to determine physical IP address of a CMA?
  60. provider-1 - good/bad thoughts?
  61. importing policies into CMA
  62. Provider-1 R65 upgrade from R60
  63. MDS FWM Process dies
  64. NGAI VSX cma migration to R61
  65. unable to login to dashboard after upgrade
  66. Internal error [11]
  67. Urgent: Help needed with migrating NGx R65 CMA from Solaris 9 system to SPLAT system
  68. Urgent help needed with Provider-1 misconfiguration
  69. Both Provider-1 Managers showing as "active/active"
  70. Provider-1 NGXR65
  71. Provider - 1 upgrade R54 to R62
  72. Provider commands
  73. Provider-1 with Eventia
  74. Provider-1
  75. P-1 problem. need help ASAP
  76. New CML
  77. Eventia not generating logf after upgrade from R55 to R61
  78. LEA Ports to opened for Provider-1
  79. P-1 and RSA SecurID authentication
  80. Multiple Standalone FW to 1 CMA
  81. Error: cannot resolve name!
  82. Cron MDS Backup for NGX
  83. GUI for Secureplatform
  84. migrate users & gui clients
  85. BACKUP OR MDS_BACKUP?
  86. Provider installation
  87. Gateway cluster member doesn't show up in Provider-1 MDG
  88. P1 HA options
  89. CMA migration from NGX R60 to R65
  90. Provider-1 upgrade_export? Is it possible?
  91. Migrate R55 SC to R65 P1 CMA
  92. Global policy
  93. User Provisioning to Provider-1 CMA
  94. Provider-1 and multi-processor machine
  95. ¿Provider-1 R62 or R65?
  96. managing users on a log server that isn't a CLM inside MDS
  97. mds_backup failed
  98. Installation failed
  99. Extracting Administrator Info from P1
  100. Provider-1 NG R55 to NGx R65 upgrade dilema
  101. Pre upgrade verifier errors
  102. Copying objects from CMA to new CMA on same box ?
  103. Provider-1 NG w/ AI R55 on a Dell 4xCPUs box
  104. Error to install "global policy" in Provider-1
  105. Status of network objects (module) in R65 MDS gui
  106. Provider-1 MLM hardware recommendations
  107. CHECKPOINT OBJECT REMOVAL
  108. secondary log server
  109. R61 to R65 upgrade
  110. after upgrade to R65 : old folders
  111. cp_merge could not open the database
  112. mds backup not synced
  113. Database Revision Control Houskeeping
  114. SC to CMA
  115. Upgrading Provider-1 NGx R65 2.4 kernel to P-1 NGx R65 2.6 kernel
  116. Import SmartCenter to Pro-1 failed
  117. a policy push removes rules/objects
  118. Cannot Create a Log Server in Global Rule Base
  119. single cma db and policy backup
  120. R65 - CMA GUI Locks not clearing
  121. Checkpoint Provider-1 NGx R65 and SMP
  122. Provider-1 Global mesh Global VPN community with permanent tunnels
  123. Reasons to move to Provider-1
  124. CMA to SC: going the other way
  125. Provider-1 Spec
  126. difference between CLM and MLM
  127. Custom commands <NAME> variable
  128. provider-1 server sizing tool
  129. CMA Backup
  130. connectivity issues between the customer cma and its remote-gateway
  131. cma mirroring error pls help
  132. provider-1 failover not working help !@!
  133. Provider R61 to R65 - CMA version issue
  134. migrating firewall to a different cma
  135. P1 R65 random CMA stop
  136. P-1 R65: Read-Only Administrators – Access to Dashboard
  137. MDS_Restore
  138. rename Customer
  139. resuse of ip for clm issues
  140. Dynamic DNS for Edge in a Provider-1 Environment
  141. CMA seen with "? Status Unknown" in MDG
  142. migrate policy and objects
  143. P1 migration from Solaris to Splat
  144. Migrating CMAs with VSX objects defined
  145. Need Procedural Help for setting up P-1
  146. R65 MDS Central License Fails
  147. CMA import/cma_migrate. ICA key error
  148. Failed to read database files.
  149. Provider1 to Smart centre server
  150. Auditable (meaningful) permissions from cp-admins.C anyone?
  151. no Active connections for VSX and R65
  152. Provider-1 NGx R65 upgrade
  153. Provider-1 mds_backup and 2GB file size limitation
  154. FWD 100% on one of CMAs
  155. CMA reassigning error
  156. Splitting one SC to many CMA - VS
  157. Splitting a CMA (provider-1 R65)
  158. CMA Split best method
  159. Cannot delete CMA
  160. Global Policy Database Revision Control Fails
  161. Question: R70 P1 and R65 VSX upgrades
  162. Provider-1, unable to add global policy.
  163. this anoying message after upgrading to NGx R70
  164. Global policy impact on CMA
  165. basic Question on global policy
  166. managment through secondary cma
  167. Local object "promotion" to global object?
  168. Upgrading an HA Provider-1 System
  169. Move to Provider-1
  170. MLM and CLM License
  171. Provider-1/Sitemanager-1 product question
  172. NIC teaming (bonding) is supported on Provider-1 NGx R70?
  173. Provider-1 migration reccomendations
  174. Provider-1 New Project
  175. Problem connecting to Provider-1 with MDG
  176. Changing the ip address of cma
  177. Making standby cma active ? (PR1-R60)
  178. R65 HFA 40 Wont Load on MLM but will on MDS
  179. Migration and Recovery.
  180. Provider-1 upgrade Multi-MDS env questions
  181. R70.1 or R65 with HFA04
  182. CMA start but MDS could be load
  183. P-1 to CMA migration.
  184. SIC is not initialized either at the SmartCenter Server or the peer [error no. 119]
  185. Weird dynamic objects resolution challenge
  186. Provider-1 firewall rules required
  187. Deleted Customer / CMA but directory structure still exists
  188. CMA disappears after starting
  189. DELL PowerEdge 2970
  190. SPLAT Provider-1 NGx R65 upgrade to NGx R70 confusion
  191. Gateway disconnected
  192. Provider-1 NGX R65 HFA60 Upgrade Problem
  193. MDS log_rotate script
  194. CMA just hung from launching via SmartDashboard
  195. Smartcentre to P1 Migration
  196. Provider-1 and VSX ugprade and re-IP address
  197. Provider-1 R65 backup_util sched error
  198. HFA70 - Anybody?
  199. R70.30 Remote File Management
  200. R70.30 P1 and Odd Behavior with VSX
  201. Upgrade from P1 R65 to P1 R70 - possible scenarios with VSX R65 gateways
  202. Provider-1 MDS license
  203. P1 Upgrade and expansion to HA
  204. Is it possible to turn on logging on multiple rules in one go?
  205. cpstat mg on P-1 on R70.30
  206. No eval license on a new CMA ?
  207. provider-1 install document
  208. Import CMA from R65 provider One to R71 Provider One
  209. Provider-1 CMA migration from R70.40 to R71.10
  210. Global Object gsnmp-trap causes assignment failure
  211. P-1 is R70.40 but stand-alone log server is R65 HFA_70
  212. P1 Inactive Accounts
  213. CLM design - explanation ?
  214. Failed to create mirror cma ....
  215. Provider1 supported under VMware ?
  216. Provider-1 NGx RR71.20
  217. Manual CMA import wont start on Provider-1 Splat R65
  218. P1 Upgrade from R65 to R70
  219. SPLAT PRO R70.40 and Radius Server
  220. SPLAT NGx R71.10 on Dell PowerEdge 2650 misery continues
  221. SPLAT R71.20x on Dell PowerEdge R710 with 12GB RAM
  222. MDG R70.40 crashes
  223. SPLAT NGx R71.20 MUST READ
  224. why am I seeing this message?
  225. Has Check Point lost all credibility when it comes to software defects?
  226. Migrate a standalone Smart Center Server to P1 SPLAT
  227. upgrade P1 from R65 to R70
  228. in place upgrade from R65 to R71.10 fails
  229. No logs to CMA after import
  230. 2 issues
  231. Multi domain Management (R75) on VMware ESXi 4.1
  232. Best Practice Guides for Provider-1
  233. R65 P1 to R75 smart-1 standalone?
  234. provider-1 trick question sort of
  235. Not sure if this right, but here goes...additional logging off P-1 to an Eventia....
  236. [Flows Diagram]
  237. Unable to install global policy
  238. CMA : Cannot allocate memory error during policy verification
  239. SmartDomain Manager GUI quits upon connection
  240. Provider-1 Connected Administrators - Modify Refresh Rate?
  241. Policy install fail without detail error
  242. Perl library for P1 (kind of a scripting question)
  243. (In)Stability of R71.30 Provider-1
  244. Upgrade to R75.20 Multi-Domain SecurePlatform on Open Server
  245. R75 Provider-1 in VMware
  246. Upgrade to R75.10, with SSDs, from R65; Results
  247. Unable to "Enable Global Use" on R75.20 SmartDomain Manager
  248. mds_restore - gzip: stdin: unexpected end of file
  249. Can't start CMAs FWM stopped
  250. Migrating a Smart Center with multiple policies to P1
  251. Provider-1 to new hardware migration
  252. storage access network
  253. Global OPSEC application object not seen in CMA
  254. Merge Rule Base in a CMA
  255. Provider-1 R65.30 to R75.20 Migrate Error
  256. Multi Admin roles - User Access Rights in Provider-1
  257. New R75.20 MLM Server on ESX VM w/SAN Attached Storage
  258. Question on upgrade_import
  259. Standalone Security Management Server to Multi-Domain Security Management
  260. mds_restore failed
  261. Upgrading MDS from R70.1 to R75.20 with MDS HA.
  262. Provider-1 and VSX - Migration of a CMA containing VS with change of IP address
  263. FWM process down after a mds_restore
  264. Popup when CMA starts
  265. Unused objects in MDS
  266. FWM of CMA crashes on policy install after upgrade to R75.30
  267. admin_for_debug_only default multi-domain super-user account on 75.20?
  268. Upgrading Provider-1 from R65 to R75.30
  269. CMA migration from one Provider-1 NGx R70.20 to another Provider-1 NGx R71.30 system
  270. How to upgrade Check Point Multi-Domain management from R71.20 to R75.30
  271. How to configure Secondary MDS (MultiDomain Server)...
  272. all in one SC and Gateway migration to Smartdomain
  273. P1 MDS and MLM R70.30 to R75.40 Inplace Upgrade
  274. Log backup/archive scripts MDS / MDLS
  275. Adding VLAN to VS interface...SmartDomain R75 - issues, advice please
  276. 10 pound question
  277. Adding routes with dbedit on VSX and install routes
  278. MDM R75.40 on GAiA - gotchas
  279. Import from SmartCenter with multiple policies question
  280. Database install kills Multi Domain Management GUI on SPLAT R75.40VS
  281. Newbie question: Adding a existing VSX Cluster to a new domain
  282. Migrate CLM from old to new hardware
  283. Gateway Migration to new Provider-1 same CMA
  284. R75.40 mds_restore is broken
  285. How to move existing CMAs/MDS to bonded interface
  286. MLM retore and log file recovery or new MLM install
  287. Procedure for migrating a CLM to new hardware
  288. R65.70 CMA to R75.30 CMA
  289. Advice on migration of multiple Gateways and Provider-1
  290. Parameters and format for editing queries.conf
  291. Multiple Policy Import - SDM R75
  292. What versions of gateways can R75.40 & R75.45 MDS manage?
  293. Secondary Provider help needed
  294. Silly question on P-1 installed on a Linux server
  295. Provider-1 , how to export/import administrators to the secondary Provider-1 server
  296. Migration of (Globel policy & CMA) Provider-1 to another Provider-1
  297. MDS Upgradation..
  298. [SOLVED] R76 MDS / VSX license SmartUpdate Issue
  299. Clean temporary files in $FWDIR
  300. MDS migration R71.10 to R76
  301. smartcenter server configurations to Multi domain security managemnet server
  302. Purpose of the secondary management server deletion before migrate
  303. Upgraded R75.2 --> R76 MDS -- Frequent GUI Crashes
  304. How to find Gateway Status using MDSCMD via CLI
  305. Missing global rules
  306. PV1 CMA export-import
  307. Provider-1 to Smart-1
  308. Does Checkpoint Provider-1 support LDAP for managing the devices
  309. Regarding Backup and Snapshot of MDM
  310. Anti-spoofing configuration
  311. Migrate Management Server R77 with VSX to MultiDomain R77
  312. why no backup via sftp?
  313. Gateways per CMA? Large scale deployment experience?
  314. SmartDashboard R77.10 crashes on specific CMA when doing "Where used"
  315. Provider-1 R76 best practices for operational maintenance
  316. how to make the gateway send logs to the domain server public ip
  317. Tips to shutdown a SMART-1 50 MDS R75.40 appliance
  318. New user(Multi Domain super user) not able to login in Multi domain manager & others
  319. Managing growing filesystem on MDSM (R75.46)- /dev/mapper/vg_splat-lv_current
  320. MDS (CMAs) <- Static NAT -> MDG
  321. MDS <-> CP Firewall delay tolerance, MDS <-> MDS delay tolerance
  322. I have very strange issue. Need help !!!
  323. How to Move one VSX cluster from one CMA to other CMA.
  324. threshold_config utility
  325. Multiple Synchronous Logging Servers (MLMs)
  326. OPSEC LEA forwarding to Log Rhythm
  327. Stuck on SmartDashboard loading scree when logging to CMA on Provider 1 version 75.20
  328. Interesting notes on Jumbo Update and basics
  329. Building MDS in HA
  330. Smart1-5 Management server upgrade
  331. sk103683 - multi domain management server
  332. AutoBackup with migrtae export or the upgrade_export
  333. CMA to SMS - Not supported ? HELP
  334. Backups and or migrate exports for CMAs
  335. Deleting Secondary MDS and CMA from Primary Multi Doamin Management
  336. CMA migration fails if any of global objects were ever renamed
  337. Backup Fails on secondary MDS.
  338. Need help migrated security policy from one CMA to another
  339. mds_backup deleting the files it created after upgrade to R77.30
  340. mds_backup not include customer folder
  341. vsx_util fails
  342. CMA Auto Backup
  343. Not all objects in objects_5_0.C file
  344. Migrate Provider-1 R75.47 to R80
  345. Licensing CLM (old name)
  346. Client Authentication Fails after migrating to CMA
  347. MDM
  348. MDS Backup
  349. Automatic Policy Push
  350. MDS failed to start after mds_backup in R77.30 with JHFA 205
  351. DMS Migration issue
  352. keeping CRL IP after changing IP address of CMA
  353. Domain Migration with VSX
  354. Upgrade Provider-1 R77.30 to R80.10 issue (is R80.10 ready for prime time).
  355. high cpu in clish and confd in Provider-1 R77.30 with JHFA 216
  356. How to export single domain from MDM to SMS
  357. Upgrade from R77.30 JHFA 216 to R80.10 not working
  358. automatic restore of P1 backup
  359. dbedit rule id syntax
  360. Error when logging into CLI of Provder-1 server
  361. CPUSE force install?
  362. Moving CMA from one MDS env to a different one
  363. Get VSX objects of a CMA from expert
  364. MDS R77.30 restore. Some unexpected things.
at No comments:

Wednesday, 19 February 2020

Install Checkpoint Security Gateway R80.20 on VMware Workstation


VMware Workstation Version : 12 PRO
IP Address Details
Gateway 1 (Active) IP : Internal (eth0) –> 192.168.1.2/24
Management Server IP : 192.168.1.10/24
VMNet Details
VMnet1 : Host-Only : Internal  : 192.168.1.0/24
As per the above diagram we are going to setup Security Gateway with R80.20 ISO.
STEP 01: Download the R80.20 ISO file by refer the sk122485.
STEP 02: Click on “Clean Install” option because we are not doing any GAIA OS version upgrade from any GAIA OS from lower version to Higher version. For example from R80.10.to R80.20.
STEP 03: File Name: Check_Point_R80.20_T101_Security_Management.iso
STEP 04: Verify the MD5 value.
I am using MD5Checker tool to verify, also you can refer other tools to verify the MD5 value.
STEP 05: Open the MD5Checker and add the R80.20 ISO image by clicking the “Add” icon.
STEP 06: Md5 value is showing “same”.
STEP 07: Check the Network configuration to assign network address to VMnet (Virtual Network), so to verify the network configuration go to VMWARE —> FILE —> Virtual Network Editor
As per the below diagram I am using Network 192.168.1.0 so it required one VMnet to setup the MGMT server so I change network 10.10.10.0 to 192.168.1.0/24 where I configure Management Server IP as 192.168.1.10 and Default Gateway as 192.168.1.2.
STEP 08: Click on  “Change Setting”.
STEP 09: As below image I change to 192.168.1.0 Network so basically I add the network address: 192.168.1.0 and Subnet Mask:255.255.255.0.
NOTE: Uncheck the “Use local DHCP service to distribute IP address to VMs” because we assign static IP address.
STEP 10: Verify that what is the IP address of that HOST machine (The Machine where we install/run the VMWARE). So basically by default, if I configure the VMnet as 192.168.1.0 then Host machine will getting First host address as 192.168.1.1 but we can use any IP address from on that network segment but on our LAB we are not going to change, take as is it.
NOTE: As my personal experience most of the time people are using First host address such as 192.168.1.1 (example IP address ) as Gateway address or Management address so on that scenario we not able to run the GAIA First Time Wizard configuration because HOST machine by default took the first host address.
STEP 11: Create a new Virtual Machine click on “Create a New Virtual Machine”.
STEP 12: Select the ISO Image file,  click on “Browse”.
STEP 13: Select the R80.20 ISO image file.
STEP 14: Select the Guest Operating System: Other because it not on the list and select the Version: Other 64-bit because I am using 64-bit OS.
STEP 15: Select the location where the VM configuration file is store so I select my “D drive”.
NOTE: It is not necessary that you select the “C Drive” only, You can use other drives as well but space should be there.
STEP 16: We are going to use Maximum disk size(GB):100 and select the “Store virtual disk as a single file”
NOTE: As per my personal experience I always recommended to use more than 60 GB as disk size.
STEP 17: Select “Customize Hardware” for configure some parameter.
STEP 18: Select the memory (RAM): 4 GB but as per the below image we can see the minimum memory required is 6 GB for Management Server but because this is my LAB setup so I use 4GB.
STEP 19: Select the total processor core as “2” .
NOTE: As on Live setup need to check with your checkpoint local SE for sizing.
STEP 20: Select the Network Adapter: VMnet1 because we are using VMnet:192.168.1.0
STEP 21: Click “Finish”.
STEP 22: Power on the virtual machine.
STEP 23: Select “Install Gaia on the this System”.
STEP 24: Click “OK”.
STEP 25: Click “US” because I am not using any other language keyboard.
STEP 26: I modify the default configuration as
System-swap (GB) : 7 % 
System-root (GB) : 22 %
Logs (GB): 20% and Backup and upgrade (GB): 50 %   
NOTE: It depends on the disk size.
STEP 27: Choose a password for Admin . So by Default username is Admin.
NOTE: Make sure that NumLk is on.  
STEP 28: Assign IP address and as well as Default Gateway.
STEP 29: Click “OK”.
STEP 30: We are going to reboot the Security Gateway.
STEP 31: Select Login : admin and password:”****” and run the First Time Configuration Wizard.
And Checking the interface configuration, like verify the IP address that we assign to the Security Gateway is properly or not.
STEP 32: Open the Browser like chrome, Mozilla, Internet Explorer, Opera, and other supported browser and browse https://192.168.1.2.(Is my Gateway IP address)
NOTE: Not “http://” it should be “https://”
STEP 33: Login with Username : admin and Password : ***** and click “Login”.
STEP 34: Click “Next”.
STEP 35: Select “Continue with R80.20 configuration” and click “Next”.
STEP 36: On below The IP address that we see, I already configured  (Check STEP:32) but still if you want to change the IP address and the Default Gateway then you can do it. eth0 is the internal interface for the security gateway because we have only one VMnet (VMnet1: 192.168.1.0) but for Gateway setup you must be added one more interface for external.
NOTE: Default gateway can be configured later.
The gateway must have one more interface so on our case we only one interface to demonstrate But it required two interfaces so we can able to install the policy.
STEP 37: Give a Host Name as per your wish, in my case I named as “SG” and also assign the Primary and Secondary DNS then click “Next”.
NOTE: Apart from “Host Name” all rest of configuration we can give later as well.
STEP 38: Select “Set time manually” and choose the Time Zone and after selecting this verify the other parameter such as Date and Time.
STEP 39: Select ” Security Gateway and /or Security Management”
NOTE: On R80.20 onward we have separate ISO for Security Gateway and Management Server and for only Security Gateway ISO  we use as StandAlone Setup as well as dedicated Security Gateway setup.
STEP 40: As we can see below image Security Gateway checkbox is already enable because it is a dedicated ISO for Security gateway, Yes we also have an option to enable the “Security Management” so once you enable the “Security Management” then it acts as a StandAlone Setup. Soon my case we only setup the security Gateway so no need to enable the “Security Management” checkbox.
Also, we see the option “Clustering” section because this is a Gateway ISO so basically on my case I am not going to configure the ClusterXL so I leave it as is it like not mark the checkbox “Unit is a part of a cluster type”.
Select the “Automatically download Blade Contracts and other important data (highly recommended)” and click “Next”.
STEP 41: On my case, the Gateway does not have any dynamic assign IP address so select “NO” am click “Next”.
STEP 42: Give a strong Secure Internal Communication (SIC) for establishing SIC between Management Server and Gateway and click “Next”.
NOTE : Note down the SIC key it require when you establish SIC.
STEP 43: Click “Yes”.
Now processing is starts.
NOTE: System is automatically going to reboot.
STEP 44: As we see below image that on the host machine or the machine where the VMware installed and running so that machine we unable to ping the gateway address (IP:92.168.1.2) because the default policy is already applied to the Security Gateway.So we need to uninstall the policy to ping work
command : clish>fw unloadlocal
STEP 45: Set the expert-password for advances access.
STEP 46: Open the command cpview (work on both default mode CLISH and also in Expert mode) to check the System Information.
STEP 47: Power on the “Management Server” VM  then open the SmartConsole and create a Gateway Object and establish SIC.
STEP 48: After on the Management Server then Login via CLI and try to ping from the Host Machine where the VMware is installed. So first ping to the Management Server IP  if it is successful then we open the SmartConsole before that also verify that all services are established (check CPM and FWM).
Command : [Expert]#cpwd_admin list
STEP 49: Add the Security Gateway by using SmartCosole.
STEP 50: As per the below image we able to see the two option one is Wizard Mode and another is Classic Mode. So we can use any of this option but I always like Wizard Mode because of it simple for me. So click on “Wizard Mode”.
STEP 51: Give a name to the Security Gateway Object. I named as “SG” and it’s an open Server so select “Open Server” so if you add any dedicated checkpoint appliance then you need to select that appliance model in that listed.
STEP 52: Assign the Gateway IP address on my case IP address is IP:192.168.1.2.
STEP 53: Now we need to put the SIC key that we set during the Security Gateway First time Configuration Wizard. (Refer STEP:42) , after assign the One-time password (SIC key) click “Next”.
STEP 54: Click “Close”.
STEP 55: Mark “Edit Gateway properties for further configuration” and click “Finish”.
STEP 56: After established the SIC just verify the General Properties.
STEP 57: On the Security Gateway —> “Network Management” click “Get Interfaces”  and Click “Get interface with Topology” so anti-spoofing is automatically configured.
STEP 58: Click “Accept”.
On the below image, we have only one interface is added so we able to see one interface IP address that is eth0.
STEP 59: Install the Database.
STEP 60: Publish and Install.
at No comments:
Subscribe to: Posts (Atom)