Press "Enter" to skip to content

Enable SCP user on R75.40 Management Server

0

Enable SCP for SPLAT Smart-1 R75.40 Management Server 1) Login with the admin account 2) Enter Expert mode 3) Type adduser usernameadduser scpuser 4) Enter the password when prompted [[email protected]]# adduser scpuserEnter password: Enter password (again): User ‘scpuser’ was added successfully 5) Type vi /etc/passwd 6) Change the end of the line with the username from /bin/cpshell to /bin/bash It should look…

Enable Hidden 3D Report Tool on R75.40 SmartEvent Tool

0

What is 3D Report Tool? It analyze your network and provide a comprehensive security analysis report – exposing security risks and suggesting remediation. All security threats in one single report (High risk application and web sites, intrusions attempts, sensitive data loss, bandwidth hogging and more…) Easy-to-read graphical reports This service is free of charge No risk to your network environment…

Checkpoint SPLAT WebUI Error with browsers

0

Checkpoint SPLAT WebUI brings some crucial features when working on configuration or maintenance, especially for operations. In some certain environment, browser compatibility really bothers me a lot. Here is the envrionment: SPLAT version R75.40 (but same on R75.20 and R75.30) 1. Chrome 2. IE 8 Some machines I got the following error “You must include webisapi.js in order for webisBrowserSupport.js…

Sysconfig Command without first time configure wizard completed in Checkpoint appliance

0

Got a situation which has to remotely configure a factory reset checkpoint 2205 appliance. Unfortunately I have to do basic configuration from remote first until get internal interface configured proper ip, then I am able to run first time wizard to continue set up with new ip address. As we know after checkpoint appliance reset to factory, internal interface is…

Checkpoint SPLAT Manual Proxy ARP Configuration Example

0

Checkpoint manual NAT configuration is a quite useful method to remedy the weakness of auto nat . For me, I always mix them according to different scenarios although there are quite discussion which is better in a dispute  CPUG post. Use auto nat as possible as I can when starting projects or network, then slowly to roll out manually NAT when complexity components…

Checkpoint SPLAT Timezone Configuration Difference on WebUI and CMD

2

When setting up Checkpoint Smart-1 / SPLAT / UTM gateway, there is one thing always confusing admin – how to set up correct timezone with daylight saving. Usually WebUI is the first interface to start setting up checkpoint gateway. Unfortunately, the NTP configuration is not that straightforward. As the screenshot shows, it only allows admin to set time zone to…

Checkpoint Management Center Snapshot, Backup and Log file location

0

Our management server Smart-1 is running at standalone mode, not have another HA standby for redundancy. If not having a decent backup for disaster recovery, our situation will be dangerous. Usually I do upgrade_export  from command line and backup checkpoint from WebUI, then ftp both files out in a safe place. Image file at Smart-1 seems not exportable from appliance.…

Enable Checkpoint SmartWorkflow on Management Server

0

Just enabled SmartWorkflow and have some steps recorded here to share Enable SmartWorkflow steps: 1. Create two Permission Profiles for normal administrators and managers. Only difference is Manager profile has manage administrators permission. 2. Create two users , Admin1 and manager. Admin1 is used to perform daily routing work and it is associated with permission profile Admin. manager is in Manager group…

Cisco IOU IPsec Site to Site VPN with External Third Party CA (XCA) – Part 3

1

This is lab part 3 to verify three different  ipsec vpn authentication methods: Pre-share key, RSA key and CA. First two parts has been listed in previous posts. Here is last part – external CA. Cisco IOU IPsec Site to Site VPN with Pre-shared key, RSA Key, or CA Part 1 Cisco IOU IPsec Site to Site VPN with Pre-shared…