gibbsie.org Knowledge Base

Check Point FW-1

Aug 3rd 2008
No Comments
respond
trackback

Initial command-line options:

cpstart
Launches all Check Point VPN-1 NGX applications running on the system, except for cprid, which is invoked on boot and runs separately. The processes cpstart loads are:

  • NGX daemon (fwd)
  • SmartCentre Server (fwm)
  • NGX SNMP daemon (snmpd)
  • Authentication daemons

cpstop
Kills all Check Point applications running on the system, except for cprid, which is invoked on boot and runs separately. The processes cpstop kills are:

  • NGX daemon (fwd)
  • SmartCentre Server (fwm)
  • NGX SNMP daemon (snmpd)
  • Authentication daemons

cprestart
Issues a cpstop followed immediately by a cpstart.

cplic print
Prints the details of Check Point FW-1 NGX licenses; the syntax is:
cplic print [local management] [remote host]

fw commands

These commands are used to interact with various aspects of NGX Gateways. All of the below fw commands are to be executed on the Security Gateway.

To be written

Adding FW1 Licenses (on a standalone device)

When a licence has been allocated to a firewall, you should receive a mail from Checkpoint providing you with the details for the licence and with instructions on how to install licenses.

Licences can be added using either the Voyager interface, or the command line

To add a licence from the command line, type:
cplic put [public] [date/never] [licence string] [features]

Alternatively, use cpconfig and select option 1 for Licensing. This will prompt you for each of the bits of information provided above. You will have this information provided in the email with the licence.

You will usually use the never option when supplying the expiry date, however on occasion a project manager may provide you with a temporary licence where you will be required to specify the expiry date. In this case, it will be important to ensure that the licence is updated appropriately before expiry.


This post is tagged ,

No Comments

Leave a Reply