WikiOld

User Tools

Site Tools

Trace: yum mep installation
eduardo:checkpoint:installation

Table of Contents

Checkpoint Installation

  • Download the Secure Gateway NGX RXX Suite for SecurePlatform and Linux 3.0

Based OS Installation

  • Boot from the media to install the based OS.
  • Install Secure Platform Pro
  • The initial default login are
    • username: admin
    • password: admin
  • Login to the OS using default login information
  • Run sysconfig to configure as a minimum
    • 1) Host Name
    • 5) Network Connections e.g. IP
    • 6) Routing
[SecureGateway]# sysconfig

Choose a configuration item ('e' to exit):
------------------------------------------------------------------
1) Host name                    7) DHCP Server Configuration
2) Domain name                  8) DHCP Relay Configuration
3) Domain name servers          9) Export Setup
4) Time and Date               10) Products Installation
5) Network Connections         11) Products Configuration
6) Routing
------------------------------------------------------------------
(Note: configuration changes are automatically saved)
Your choice:

SmartCenter Installation

  • SmartCenter provide a Smart Dashboard used to manage multiple VPN/Firewall with the same policy
  • After Based OS Installation
  • Run sysconfig and choose 10) Product Installation
[SecureGateway]# sysconfig

Choose a configuration item ('e' to exit):
------------------------------------------------------------------
1) Host name                    7) DHCP Server Configuration
2) Domain name                  8) DHCP Relay Configuration
3) Domain name servers          9) Export Setup
4) Time and Date               10) Products Installation
5) Network Connections         11) Products Configuration
6) Routing
------------------------------------------------------------------
(Note: configuration changes are automatically saved)
Your choice:
  • Install Smart Dashboard by choosing to install SmartCenter
1 [ ] VPN-1 Power
2 [ ] UserAuthority
3 [x] SmartCenter
4 [ ] Eventia Suite
5 [ ] Endpoint security
6 [ ] Performance Pack
7 [ ] SmartPortal

VPN-1 Installation

  • VPN-1 is the bastion host that receive the policy from Smart Center Server and act as a Firewall/VPN
  • After Based OS Installation
  • Run sysconfig and choose 10) Products Installation
[SecureGateway]# sysconfig

Choose a configuration item ('e' to exit):
------------------------------------------------------------------
1) Host name                    7) DHCP Server Configuration
2) Domain name                  8) DHCP Relay Configuration
3) Domain name servers          9) Export Setup
4) Time and Date               10) Products Installation
5) Network Connections         11) Products Configuration
6) Routing
------------------------------------------------------------------
(Note: configuration changes are automatically saved)
Your choice:
  • Install Smart Dashboard by choosing to install SmartCenter
  • After installation, reboot
1 [x] VPN-1 Power
2 [ ] UserAuthority
3 [ ] SmartCenter
4 [ ] Eventia Suite
5 [ ] Endpoint security
6 [ ] Performance Pack
7 [ ] SmartPortal
  • Run sysconfig and choose 11) Products Configuration
[SecureGateway]# sysconfig

Choose a configuration item ('e' to exit):
------------------------------------------------------------------
1) Host name                    7) DHCP Server Configuration
2) Domain name                  8) DHCP Relay Configuration
3) Domain name servers          9) Export Setup
4) Time and Date               10) Products Installation
5) Network Connections         11) Products Configuration
6) Routing
------------------------------------------------------------------
(Note: configuration changes are automatically saved)
Your choice:
  • Configure (5) Secure Internal Communication (SIC)
  • Configure an Activation Key for SIC with the Smart Center Server
This program will let you re-configure
your Check Point products configuration.


Configuration Options:
----------------------
(1)  Licenses
(2)  SNMP Extension
(3)  PKCS#11 Token
(4)  Random Pool
(5)  Secure Internal Communication
(6)  Disable cluster membership for this gateway
(7)  Automatic start of Check Point Products

(8) Exit

Enter your choice (1-8) :

Configure Cluster and add firewall

  • Start Smart Dashboard and connect to the Smart Center Server
  • Create New Checkpoint > VPN1-Power/UTM Cluster
  • Configure cluster Names and IP

  • Add New Cluster Member
  • Configure Name/IP
  • Configure Activation Key which must matched what was configured on the Bastion host
  • Clicks Initialize

  • Edit cluster
  • Edit Topology

  • Add interfaces and VRRP address
  • One interfaces must be designated as Sync

  • May need to remove Anti Spoofing Rule on Internal Interface

eduardo/checkpoint/installation.txt · Last modified: 2024/02/23 08:20 by 127.0.0.1