checkpoint

There are two ways to integrate STRM with Check Point Firewalls devices. 1. Using Syslog On Check Point management station, you can follow these steps to redirect firewall logs and audit logs to the external syslog server: a) Vi /etc/syslog.conf, on the management station, and add the following line at the end of the file: local5.info @hostname such as : local5.info @10.9.20.23 where ‘10.9.20.23’ is the IP of the syslog server (Juniper STRM). b ) if your management server is SecurePlatform – Execute ‘ service syslog restart ’. c) Add this command to /etc/rc.d/init.d/cpboot : fw log -ftnl |

Checkpoint Support KB SK60443 shows a document regarding How to install Full HA cluster on Check Point Appliances . Here I will use my LAB to present all steps with more screenshots. First two steps are mostly coming from SK60443 document. Topologies 1. Initial Connection Connect a crossover cable from a PC workstation t o the Internal NIC of the Appliance. Set the IP of the workstation at: 192.168.1.x / 24. use any IP except “.1”, which is the default for the Checkpoint appliance. Open a web browser and connect to https://192.168.1.1:4434 If you have a pop up blocker, you’ll need to disable

I was looking for a tool to export Checkpoint Management Server database to a readable format in Excel or Html format. Checkpoint already has a great tool and KB to present a solution for this purpose: “sk64501:Exporting Check Point configuration from Security Management Server into readable format using Web Visualization Tool” 1. Installation the Web Visualization Tool cpdb2html Download it from the link . Extract the file cpdb2web_B983000003_1.tgz into a folder. You will get these files in the folder: 2. Command line C:Toolscpdb2web_B983000003_1> cpdb2html.bat ? Check Point Web Visualization

Installed Checkpoint R77.20 in virtual machine to do testing. The installation of gateway and mgmt server is not having problem, but had an issue while installing SmartConsole R77.20 on windows 7 machine. Symptons: 1. First error I met is at during installation. Unable to register dlls in: C:Program FilesCheckPointSmartConsoleR77.20PROGRAMpe_components_reg.conf After clicked OK button, installation was able to complete. 2. Second error message is popped up when tried to run SmarConsole applications, such as SmartDashboard, SmartTrack, SmartMonitor etc. This error is common happened. Google

Trying to do a controlled failover on Checkpoint Firewall ClusterXL environment and found Checkpoint expert command clusterXL_admin in sk55081 . $FWDIR/bin/clusterXL_admin is a special shell script that not only makes the task of adding a new Critical Device easier, but also checks the change in member’s state and provides the user with the feedback. This script registers a Critical Device called “admin_down”. The syntax for bringing the cluster member Down is: [ [email protected] ]# clusterXL_admin down [-p] The syntax for bringing the cluster member Up is: [ [email protected] ]# clusterXL

Situation: Experienced similiar issue happened two years ago again. Trying to upgrade R75.40 Splat Checkpoint Box to R77.10 Gaia, but it was failed from Webui. Webui will not give you too much information to let you troubleshoot it. Last time the fix for me is to chose Splat version to upgrade from R71.30 to R75.40, rather than Gaia. This time I have enough patient to get this issue fixed. Since Webui failed, I went to cli to try using the method from my previous post (Upgrade Checkpoint from Command Line after failed from Webui) . Still got the failed message. But from /var/log/CPupgrade.elg,

Symptoms: One of cluster member shows problem. It always happened on standby member. If goes into deep, you will find some of cluster member interfaces are showing down or partially up, although physically interface is up and connected properly. Log into command line on primary member: [ [email protected] ]# cphaprob stat Cluster Mode: New High Availability (Active Up) with IGMP Membership Number Unique Address Assigned Load State 1 (local) 1.1.1.1 100% Active 2 1.1.1.2 0% Down On standby checkpoint member : [ [email protected] ]# cphaprob stat Cluster Mode: New High Availability (Active Up)

Please note that this will erase all passwords and configurations To reset the box to defaults, please do the following: * Unplug the power cord. * Hold the reset button on the back of the box. * Plug in the power cord while holding the button until the pwr/sec led is steady red. * Leave the reset button for 3 seconds. * Press the reset button again for 10 seconds until the pwr/sec led starts blinking red. * Reconfigure your box and install certs. Share this: Click to share on Twitter (Opens in new window) Click to share on Facebook (Opens in new window) More Click to print (Opens in new

HDFS CheckPoint && SavePoint 标签（空格分隔）： Hadoop HDFS CheckPoint HDFS 将文件系统的元数据信息存放在 fsimage 和一系列的 edits 文件中。 在启动 HDFS 集群时，系统会先加载 fsimage，然后逐个执行所有Edits文件中的每一条操作，来获取完整的文件系统元数据。 文件 HDFS 的存储元数据是由 fsimage 和 edits 文件组成。fsimage 存放上次 checkpoint 生成的文件系统元数据（并不是Active Namenode 内存中最新的元数据状态），edits log 存放文件系统操作日志。checkpoint的过程，就是合并 fsimage 和 edits 文件，然后生成最新的 fsimage 的过程。 fsimage文件: fsimage 里保存的是 HDFS 文件系统的元数据信息。每次 checkpoint 的时候生成一个新的 fsimage 文件，fsimage 文件同步保存在 active namenode 上和 standby namenode 上。是在 standby namenode 上生成并上传到 active namenode 上的。 edits文件: active namenode 会及时把 HDFS 的修改信息（创建，修改，删除等）写入到本地目录，和