Author Archives: Farzand Ali
Changing the Management Interface
set management interface <new_management_interface>delete interface <old_management_interface> ipv4-addressset interface <new_management_interface> ipv4-address <ip>
mask-length <length>set interface <new_management_interface> state on
How to change IP Address in Check Point firewall
To view IP Address information in Linux/UNIX, use ifconfig (F) command. It’s slightly different from Microsoft whereby ipconfig (P) command is used.
[R60-FW]# ifconfig
To change the IP Address, use the following command
ifconfig eth0 192.168.10.254 netmask 255.255.255.0 up
Again, use ifconfig command to verify it.
Even though we can change the IP Address of Check Point firewall by using this way, but it’s not advisable
Ifconfig is a temporary solution to change the ip address in the firewall. Once you’ve rebooted the firewall, it will be changed to the old ip address.
So, the best way to change IP Address of Check Point firewall permanently is by using sysconfigcommand:
[Expert@R60-FW]# sysconfig
Choose menu 5) Network Connections
Choose a configuration item (‘e’ to exit):
——————————————————————
1) Host name 7) DHCP Server Configuration
2) Domain name 8) DHCP Relay Configuration
3) Domain name servers 9) Export Setup
4) Time and Date 10) Products Installation
5) Network Connections 11) Products Configuration
6) Routing
——————————————————————
(Note: configuration changes are automatically saved)
Your choice:5
2) Configure connection
Choose a network connections configuration item (‘e’ to exit):
——————————————————————
1) Add new connection 4) Select management connection
2) Configure connection 5) Show connection configuration
3) Remove connection
——————————————————————
(Note: configuration changes are automatically saved)
Your choice:2
1) eth0
Choose a connection to configure (‘e’ to exit):
——————————————————————
1) eth0
2) eth1
3) eth2
——————————————————————
(Note: configuration changes are automatically saved)
Your choice: 1
1) Change IP settings
Choose eth0 item to configure (‘e’ to exit):
——————————————————————
1) Change IP settings 3) Remove IP from interface
2) Change MTU settings 4) Change from static to dynamic IP
——————————————————————
(Note: configuration changes are automatically saved)
Your choice: 1
Check Point – GAiA – Change or Set Expert Password – CLI
In order to change expert password of Check Point firewall running GAiA OS, logon to CLI, make sure you are in “clish” mode and execute command “set expert-password plain“. You need to enter current expert password and they you’ll be able to choose a new expert password.
Syntax:
set expert-password plain
Example:
CP-Firewall-GAiA>
CP-Firewall-GAiA> set expert-password plain
Enter current expert password :
Enter new expert password:
Enter new expert password (again):
CP-Firewall-GAiA>
CP-Firewall-GAiA>
Cisco Labs
CCP Configuration:
ASA ASDM basic config:
http://www.net-gyver.com/?p=1419
Cisco 861/871 basic router configuration:
Cisco IOS DHCP Configuration:
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/812-cisco-router-dhcp-config.html
IOS Zone based Firewall configuration:
http://packetlife.net/blog/2012/jan/30/ios-zone-based-firewall/
IOS Site-to-Site IPSec VPN Configuration:
ASA Site-to-Site IPSec VPN:
http://packetlife.net/blog/2011/jul/11/lan-lan-vpn-asa-5505/
https://www.petenetlive.com/KB/Article/0000072
Cisco VPN Client Configuration – Setup for IOS Router:
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/809-cisco-router-vpn-client.html
http://www.alfredtong.com/cisco/cisco-ios-remote-access-ipsec-vpn/
CONFIGURING CISCO SSL VPN ANYCONNECT (WEBVPN) ON CISCO IOS ROUTERS:
Cisco Tools and Applications:
http://www.firewall.cx/downloads/cisco-tools-a-applications.html
