Check Point firewall how to

How to get the Check Point version:

Gaia
admin>show version all
admin>fw ver
IPSO
cp[admin]#fw ver

How to check the policy package installed on the firewall:

Gaia (check that you have the proper permissions to run CLI commands)
cp[admin]#  fw stat
HOST POLICY DATE
localhost PolicyName 29Jun2017 11:05:51 : [>eth5] [eth2]
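
To confirm from a script that a gateway is running the policy you expect, and that the install is not older than a given date, the fw stat line above can be parsed. This is an added example, not part of the original post or any Check Point tooling; parse_fw_stat and check_policy are hypothetical helper names, and the sample input is constructed from the output shown above.

```shell
#!/bin/sh
# Added example (not Check Point tooling): audit captured `fw stat` output.
# parse_fw_stat and check_policy are hypothetical helper names.

# Constructed sample in the same layout as the output shown above.
SAMPLE_FW_STAT='HOST POLICY DATE
localhost PolicyName 29Jun2017 11:05:51 : [>eth5] [eth2]'

# Read `fw stat` output on stdin; print "host policy YYYYMMDD HH:MM:SS" per policy line.
parse_fw_stat() {
    awk '
    BEGIN {
        n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
        for (i = 1; i <= n; i++) mon[m[i]] = sprintf("%02d", i)
    }
    $1 == "HOST" { next }                          # header row
    NF >= 4 {
        d = $3                                     # e.g. 29Jun2017
        year = substr(d, length(d) - 3)
        rest = substr(d, 1, length(d) - 4)
        name = substr(rest, length(rest) - 2)
        day  = substr(rest, 1, length(rest) - 3)
        if (!(name in mon) || day !~ /^[0-9]+$/) next   # not a policy line
        printf "%s %s %s%s%02d %s\n", $1, $2, year, mon[name], day, $4
    }'
}

# Usage: fw stat | check_policy EXPECTED_NAME MIN_DATE(YYYYMMDD)
# Returns 0 if name matches and install date >= MIN_DATE, 1 if not, 2 if unparsable.
check_policy() {
    expected=$1
    min_date=$2
    parsed=$(parse_fw_stat)
    if [ -z "$parsed" ]; then
        echo "ERROR: no policy line found in input"
        return 2
    fi
    set -- $parsed          # $1=host $2=policy $3=date $4=time (first line)
    if [ "$2" != "$expected" ]; then
        echo "MISMATCH: $1 runs policy $2, expected $expected"
        return 1
    fi
    if [ "$3" -lt "$min_date" ]; then
        echo "STALE: $2 on $1 installed $3, before $min_date"
        return 1
    fi
    echo "OK: $1 runs $2, installed $3 $4"
}

printf '%s\n' "$SAMPLE_FW_STAT" | check_policy PolicyName 20170601
```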

How to get the Check Point serial number:

CP> show asset system
Platform: xxxxx
Model: Check Point xxxx
Serial Number: xxxxxxx
CPU Frequency: xxxx.xxx

Check uptime:

CP> show uptime
expert[cp]# uptime
 06:51:23 up 497 days,  4:39,  1 user,  load average: 1.00, 1.00, 1.00

How to export configuration backup from cli:

 CP[admin]# cst -small
 CST version 2007-09-26
== CST will not collect cores or firewall logs ==
 =============== N O T I C E: VOYAGER LOCKS =========================
 Please make sure you are logged out of Voyager.
 CST gathers certain information from clish, which may not work
 when there is a configuration lock in place established by an active
 Voyager session.
 =============== E N D O F N O T I C E =========================
Continue? [y] y
 Output Directory? [.] /opt
 IPSO-6.2-GA083a02 detected...
 Generating IPv4 configuration summary...done
 Generating IPv6 configuration summary...done
 Gathering cpu utilization data...done
 Gathering memory utilization data...done
 Gathering interface statistics...done
 Gathering standard ipsoinfo data...netstat: sysctl: net.inet.icmp.stats: Cannot allocate memory
 done
 Gathering additional ipso information...
 vrrp data...done
 route data...done
 rip data...done
 ospf data...done
 bgp data...done
 dvmrp data...done
 pim data...done
 ...done
 Gathering system logs......done
 Processsing vmcore files...none on this system.....done
 Gathering firewall data... Invalid flavour 'general' for product 'vpn'. Use 'cpstat' without any arguments to see supported products and flavours.
 Invalid flavour 'fwz' for product 'vpn'. Use 'cpstat' without any arguments to see supported products and flavours.
 No product has flag 'ci'
 ...done
 Fetching cpinfo...
 cpinfo (I:0110): Beginning ...
cpinfo (I:0116): Latest cpinfo version: http://www.checkpoint.com/downloads/
 cpinfo (I:0112): Embedding files ...
cpinfo (I:0120): Output file - cst-flkrseinc-03-04.19.2017-1303/cpinfo.flkrseinc-03.04.19.2017-1303
 cpinfo (I:0111): Done
 done
 Creating index...done
 Including chart software...done
 Creating archive file...done
 Skipping core files
 Fetching routing daemon state...done
 Compressing final archive...done
Output saved to /opt/cst-flkrseinc-03-04.19.2017-1303.tar.gz

Where the logs are stored in checkpoint:

/var/log/opt/CPsuite-RXX/fw1/log

How to check ha status?

cphaprob state

Manually set time in ipso:

ipso[admin]# date 201707271836.30

ipso[admin]# date
 Thu Jul 27 18:36:33 ICT 2017

Create subinterface on checkpoint gaia:

 set interface bond2 state on
 add interface bond2 vlan 36
 set interface bond2.36 state on
 set interface bond2.36 ipv4-address x.x.x.x mask-length 24

Capture traffic on checkpoint:

tcpdump -nni any host x.x.x.x 
or 
tcpdump -nni any host x.x.x.x and host y.y.y.y
or
fw monitor -e 'accept (src=10.1.1.1 and dst=10.2.2.2) or (src=10.2.2.2 and dst=10.1.1.1);'

How to create a VLAN interface on GAIA from the CLI:

 set interface ethX state on
 add interface ethX vlan xx
 set interface ethX.xx state on
 set interface ethX.xx ipv4-address x.x.x.x mask-length 24

Check the policy package on firewall on ipso:

admin>fw stat

Fetch policy on gateway:

fw fetch <ip of manager>

Check the cluster status on gaia:

cphaprob stat
cphaprob -a if

Set date manually on nokia ip:

set date day 17 month 10 year 2017 minute 24 hour 15 second 02

Restart ntpd on gaia:

service ntpd restart

How to set expert password in GAIA:

gateway-1> set expert-password
Enter new expert password:
Enter new expert password (again):

 

 

 
