Checkpoint R80 CPM – new ports for SmartConsole (old CPMI)

If you have installed R80.10 recently, you might have noticed that the Management ports have changed from the earlier versions.

Earlier it was TCP/18190 and TCP/18264.

From R80 onward, the “CPM” port is TCP/19009.

CPM – Check Point Management Server
The CPM server listens on this port for remote connections (for example from SmartConsole; added in R80).

An updated list of the ports used by Check Point software is given in SecureKnowledge article sk52421.
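
When SmartConsole cannot connect after an upgrade, it helps to know whether TCP/19009 is dropped somewhere in the path or simply has nothing listening on it. The check below is an added example, not code from the original post or from Check Point; the host address is a documentation placeholder and the port labels are descriptive text written for this example.

```python
import socket
import sys

# Ports named on this page. The labels are descriptive text added for this example.
MGMT_PORTS = {
    19009: "CPM (SmartConsole, R80 and later)",
    18190: "earlier management port (old CPMI)",
    18264: "earlier management port",
}


def probe(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'refused' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # The host answered with a reset: reachable, but no listener on this port.
        return "refused"
    except OSError:
        # Timeout or unreachable: typically a rule in the path drops the traffic.
        return "filtered"


def check_management_ports(host, ports=MGMT_PORTS, timeout=3.0):
    """Probe every port in `ports` and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}


def diagnose(results, cpm_port=19009):
    """Turn the state of the CPM port into a next step for the administrator."""
    state = results.get(cpm_port)
    if state == "open":
        return "CPM port reachable"
    if state == "refused":
        return "host reachable, nothing listening on the CPM port"
    return "CPM port not answering: check the rules between SmartConsole and the server"


if __name__ == "__main__":
    # 192.0.2.10 is a placeholder address; pass your management server instead.
    host = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"
    results = check_management_ports(host)
    for port, state in results.items():
        print(f"TCP/{port:<6} {state:<9} {MGMT_PORTS[port]}")
    print(diagnose(results))
```

Run it from the workstation where SmartConsole is installed, so the result reflects the same network path the client uses.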

First Time Wizard – run it again or skip it.

If you have been deploying Checkpoint Firewalls, at some point you most likely have wanted to skip the First Time Wizard.

When migrating gateways to new hardware, I often save the Gaia configuration, and import it just after installing the new appliance. This saves me the trouble of configuring everything from scratch.

(Note that this is not possible in all scenarios.)

Gaia Save Configuration command.
———————
mgmt1> save
clienv – Save CLI environment variables.
config – save current configuration
configuration – Save configuration to file
mgmt1> save configuration mysavedconfigurationfile
———————

In most cases I skip the FTW, and import the saved Gaia config…

To skip the Gaia FTW in R80 and above, create the “accepted” files manually.

Log in to Expert mode and create these files.

  • [Expert@HostName:0]# touch /etc/.wizard_accepted
  • [Expert@HostName:0]# touch /etc/.wizard_started

For a full description, see sk71000.


If you want to rerun the FTW, simply delete the files above.

  • rm -i /etc/.wizard_accepted
  • rm -i /etc/.wizard_started

See also…

http://svendsen.me/first-time-wizard-run-it-from-expert/

https://www.checkpoint.com/