Re: [fw-wiz] Backup Checkpoint Firewall

From: Nathaniel Hall (halln_at_otc.edu)
Date: 05/17/05

  • Next message: Paul Melson: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration" 
    To: Paul Melson <psmelson@comcast.net>, firewall-wizards@honor.icsalabs.com
Date: Tue, 17 May 2005 10:51:55 -0500

    Thanks for the input. My next problem is with upgrade_export it says the following:

    "You are required to close all Check Point clients before the export begins. If the export fails, stop Check Point
    services and run the upgrade_export command again. Press ENTER when ready.."

    Problem 1) How can I ensure all clients are closed? My first thought was to run cpstop, but my coworker said it used to
    only stop the Dashboard, but now it stops everything. That is a problem since backups are going on at the same time.

    Problem 2) Press ENTER when ready. How would I do that in a batch file?

    I know this is not the best place for problem 2, but it is still a problem.

    Nathaniel Hall, GSEC
    Intrusion Detection and Firewall Technician
    Ozarks Technical Community College -- Office of Computer Networking

    halln@otc.edu
    417-447-7535
    GPG Public Key ID: 0xAC187312

    Paul Melson wrote:
    > I would use upgrade-export on the SmartCenter server to create backups.
    > This should get you everything you could ever hope to restore into a single
    > file. It definitely meets the last two criteria, and it should be easy
    > enough to encrypt, since the actual export is a tar/gzip archive. To
    > restore, you use the appropriately-named upgrade-import tool.
    >
    > PaulM
    >
    > -----Original Message-----
    > Subject: [fw-wiz] Backup Checkpoint Firewall
    > I am working on creating a secure means to backup a CheckPoint FW-1 with AI
    > firewall. I have procedures for encrypting the information, but what is the
    > best way to get all of the configuration? Here is what I would like to
    > have:
    >
    > Text output (preferred, I can encrypt to ASCII if needed)
    > All configuration settings
    > Easy way to import into a new installation
    >
    > If this is possible, what would be the command to execute to get the backup
    > and the command to import it back in? If it isn't possible, what is the
    > best way?
    >
    >

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Paul Melson: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration"

    Relevant Pages

    • Re: Good wireless signal - but browser cannot find it?
      ... But when I gave the command to see the route table, ... But his browser cannot find any connection and displays the error page ... The firewall is Norton - but disabling it temporarily made no difference. ... ping resolver1.opendns.com ...
      (microsoft.public.windowsxp.network_web)
    • Re: Simultaneous operation of two tape drives -- possible?
      ... I actually run my backups from a batch file (including ... If you invoke a program from the command line, all you have to do open a new command prompt window and invoke the program again in that window and you have two separate execution instances of the program running simultaneously, and independently as far as the operating system is concerned. ... If you invoke the program by double clicking on a program object, you can configure the object to achieve the same effect by right clicking on it and opening the properties notebook, going to the window tab and selecting "Create new window" under "Object open behavior." ...
      (comp.os.os2.setup.storage)
    • Re: IPTABLES
      ... > I need to setup the firewall IPTABLES on CentOS. ... You set up the firewall using command line commands. ... > allow to acces FROM the LAN only to a computer with MAC ADRESS xxxxxx. ...
      (comp.os.linux.setup)
    • Re: Adobe Reader will not launch in XP Home Edition SP 2
      ... for older versions of Adobe Reader all the way back to 5.x, ... and then when trying to launch the reader by clicking on a pdf file I get ... It might be your firewall, ... Results of command "notepad c:\test.txt" ...
      (microsoft.public.windowsxp.general)
    • Re: ISO help opening Windows (XP and VISTA) firewall programmatically
      ... launch this command from elevated command promp and see the results. ... this utility opens a couple of ports in Windows firewall, ... Firewall dialogs asking of they want to block. ... does not do its job when run during installation on a Windows Vista ...
      (microsoft.public.win32.programmer.networks)