Check Point firewall how to

How to get the Check Point version:

admin>show version all
admin>fw ver
cp[admin]#fw ver

How to check the policy package installed on the firewall:

Gaia (check that you have the proper permissions to run CLI commands)
cp[admin]# fw stat
localhost PolicyName 29Jun2017 11:05:51 : [>eth5] [eth2]
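
Added example (not part of the original post): a shell check that parses the fw stat line shown above and compares the loaded policy name against an expected baseline. The function names, the skipped header row, and treating "-", "InitialPolicy" and "defaultfilter" as "no managed policy" are assumptions; the sample line is constructed from the output above.

```shell
#!/bin/sh
# Added example: audit the policy line printed by `fw stat`.
# SAMPLE below is constructed from the output line shown on this page.

# parse_fw_stat: read `fw stat` output on stdin and print
# "host|policy|date time" for each data line.
# Assumption: a "HOST POLICY DATE" header row may precede the data; skip it.
parse_fw_stat() {
    awk '
        $1 == "HOST" && $2 == "POLICY" { next }   # header row
        NF >= 4 { printf "%s|%s|%s %s\n", $1, $2, $3, $4 }
    '
}

# check_policy EXPECTED: read `fw stat` output on stdin.
# Returns 0 = expected policy loaded, 1 = a different policy is loaded,
#         2 = no usable line, or no managed policy is enforced.
check_policy() {
    expected=$1
    line=$(parse_fw_stat | head -n 1)
    [ -n "$line" ] || return 2
    policy=$(printf '%s\n' "$line" | cut -d'|' -f2)
    case "$policy" in
        "$expected") return 0 ;;
        # Assumption: these names mean no managed policy is in force.
        -|InitialPolicy|defaultfilter) return 2 ;;
        *) return 1 ;;
    esac
}

# Constructed sample input (policy name and interfaces as on this page).
SAMPLE='localhost PolicyName 29Jun2017 11:05:51 : [>eth5] [eth2]'

# On a gateway the input would come from the command itself:
#   fw stat | check_policy PolicyName
if printf '%s\n' "$SAMPLE" | check_policy PolicyName; then
    echo "OK: expected policy is installed"
else
    echo "ALERT: policy differs from baseline"
fi
```
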

How to get the Check Point serial number:

CP> show asset system
Platform: xxxxx
Model: Check Point xxxx
Serial Number: xxxxxxx
CPU Frequency:

Check uptime:

CP> show uptime
expert[cp]# uptime
 06:51:23 up 497 days,  4:39,  1 user,  load average: 1.00, 1.00, 1.00

How to export a configuration backup from the CLI:

 CP[admin]# cst -small
 CST version 2007-09-26
== CST will not collect cores or firewall logs ==
 =============== N O T I C E: VOYAGER LOCKS =========================
 Please make sure you are logged out of Voyager.
 CST gathers certain information from clish, which may not work
 when there is a configuration lock in place established by an active
 Voyager session.
 =============== E N D O F N O T I C E =========================
Continue? [y] y
 Output Directory? [.] /opt
 IPSO-6.2-GA083a02 detected...
 Generating IPv4 configuration summary...done
 Generating IPv6 configuration summary...done
 Gathering cpu utilization data...done
 Gathering memory utilization data...done
 Gathering interface statistics...done
 Gathering standard ipsoinfo data...netstat: sysctl: net.inet.icmp.stats: Cannot allocate memory
 Gathering additional ipso information...
 vrrp data...done
 route data...done
 rip data...done
 ospf data...done
 bgp data...done
 dvmrp data...done
 pim data...done
 Gathering system logs......done
 Processsing vmcore files...none on this system.....done
 Gathering firewall data... Invalid flavour 'general' for product 'vpn'. Use 'cpstat' without any arguments to see supported products and flavours.
 Invalid flavour 'fwz' for product 'vpn'. Use 'cpstat' without any arguments to see supported products and flavours.
 No product has flag 'ci'
 Fetching cpinfo...
 cpinfo (I:0110): Beginning ...
cpinfo (I:0116): Latest cpinfo version:
 cpinfo (I:0112): Embedding files ...
cpinfo (I:0120): Output file - cst-flkrseinc-03-04.19.2017-1303/cpinfo.flkrseinc-
 cpinfo (I:0111): Done
 Creating index...done
 Including chart software...done
 Creating archive file...done
 Skipping core files
 Fetching routing daemon state...done
 Compressing final archive...done
Output saved to /opt/cst-flkrseinc-03-04.19.2017-1303.tar.gz

Where the logs are stored in Check Point:


How to check HA status:

cphaprob state

Manually set time in IPSO:

ipso[admin]# date 201707271836.30

ipso[admin]# date
 Thu Jul 27 18:36:33 ICT 2017

Create a subinterface on Check Point Gaia:

 set interface bond2 state on
 add interface bond2 vlan 36
 set interface bond2.36 state on
 set interface bond2.36 ipv4-address x.x.x.x mask-length 24

Capture traffic on Check Point:

tcpdump -nni any host x.x.x.x
tcpdump -nni any host x.x.x.x and host y.y.y.y
fw monitor -e 'accept (src=x.x.x.x and dst=y.y.y.y) or (src=y.y.y.y and dst=x.x.x.x);'

How to create a VLAN interface on Gaia from the CLI:

 set interface ethX state on
 add interface ethX vlan xx
 set interface ethX.xx state on
 set interface ethX.xx ipv4-address x.x.x.x mask-length 24

Check the policy package on the firewall on IPSO:

admin>fw stat

Fetch policy on gateway:

fw fetch <ip of manager>

Check the cluster status on Gaia:

cphaprob stat
cphaprob -a if

Set date manually on Nokia IP:

set date day 17 month 10 year 2017 minute 24 hour 15 second 02

Restart ntpd on Gaia:

service ntpd restart

How to set the expert password in Gaia:

gateway-1> set expert-password
Enter new expert password:
Enter new expert password (again):



