Basicall you will have to touch wizard_accepted file from expert mode based on Checkpoint KB 71000 First Time Configuration Wizard on Check Point appliances
- SecurePlatform OS:
touch /opt/spwm/conf/wizard_accepted
- Gaia OS:
touch /etc/.wizard_accepted
1. Steps to run first time wizard at Gaia using command line
1.1 Confirm CPCONFIG is not availabe without run First Time Wizard first.
gw-379eb9> cpconfigIn order to configure your system, please access the Web UI and finish the First Time Wizard.
1.2 Set Up Expert Password
gw-379eb9> set expert-passwordgw-379eb9> expert
Enter expert password:
1.3 Touch the magic file
[Expert@gw-379eb9:0]# touch /etc/.wizard_accepted[Expert@gw-379eb9:0]# exit
exit
1.4 Change Mgmt Interface IP Address for Remote WebUI Access
gw-379eb9> set interface Mgmt ipv4-address 10.9.2.15 mask-length 24gw-379eb9> set static-route default nexthop gateway address 10.9.2.1 on
gw-379eb9> set static-route default nexthop gateway address 192.168.1.254 off
gw-379eb9> save config
1.5 CPCONFIG for CheckPoint Product Configuration
gw-379eb9> cpconfigWelcome to Check Point Configuration Program
=================================================
Please read the following license agreement.
Hit 'ENTER' to continue...
Software License Agreement & Limited Hardware Warranty
Check Point Software Technologies Ltd.
PART I - SOFTWARE LICENSE AGREEMENT
This License Agreement (the "Agreement") is an agreement between you (both the i
ndividual installing the Product and any legal entity on whose behalf such indiv
idual is acting) (hereinafter "You" or "Your") and Check Point Software Technolo
gies Ltd. (hereinafter "Check Point").
TAKING ANY STEP TO SET-UP, USE OR INSTALL THE PRODUCT CONSTITUTES YOUR ASSENT TO
AND ACCEPTANCE OF THIS AGREEMENT. WRITTEN APPROVAL IS NOT A PREREQUISITE TO THE
VALIDITY OR ENFORCEABILITY OF THIS AGREEMENT AND NO SOLICITATION OF ANY SUCH WR
ITTEN APPROVAL BY OR ON BEHALF OF YOU SHALL BE CONSTRUED AS AN INFERENCE TO THE
.......
Select installation type:
-------------------------
(1) Stand Alone - install Check Point Security Gateway and Security Management.
(2) Distributed - install Check Point Security Gateway, Security Management and/or Log Server.
Enter your selection (1-2/a-abort) [1]: 2
Select installation type:
-------------------------
(1) Check Point Security Gateway.
(2) Security Management.
(3) Security Management and Check Point Security Gateway.
(4) Enterprise Log Server.
(5) Check Point Security Gateway and Enterprise Log Server.
Enter your selection (1-5/a-abort) [1]: 1
Is this a Dynamically Assigned IP Address gateway installation ? (y/n) [n] ? n
Would you like to install a Check Point clustering product (CPHA, CPLS or State Synchronization)? (y/n) [n] ? y
IP forwarding disabled
Hardening OS Security: IP forwarding will be disabled during boot.
Generating default filter
Default Filter installed
Hardening OS Security: Default Filter will be applied during boot.
This program will guide you through several steps where you
will define your Check Point products configuration.
At any later time, you can reconfigure these parameters by
running cpconfig
Configuring Licenses and contracts...
=====================================
Host Expiration Signature Features
Contract Coverage:
There is no contract coverage for the above licenses.
Note: The recommended way of managing licenses is using SmartUpdate.
cpconfig can be used to manage local licenses only on this machine.
Do you want to add licenses (y/n) [y] ? n
Configuring Administrator...
============================
No Check Point products Administrator is currently
defined for this Security Management Server.
Do you want to add an administrator (y/n) [y] ? n
No administrator is currently defined.
Are you sure you want to continue? (y/n) [n] ? n
Do you want to add an administrator (y/n) [y] ? y
Administrator name: admin
Password:
Verify Password:
Administrator admin was added successfully and has
Read/Write Permission for all products with Permission to Manage Administrators
Configuring GUI Clients...
==========================
GUI Clients are trusted hosts from which
Administrators are allowed to log on to this Security Management Server.
No GUI Clients defined
Do you want to add a GUI Client (y/n) [y] ? n
Configuring Random Pool...
==========================
Automatically collecting random data to be used in
various cryptographic operations.
.....
After all basic configuration completed, the appliance will be rebooted then you will be able to access it through WebUI, SSH or connect it to Smart Dashboard.
2. Checkpoint KB 69701 :
Run First Time Wizard at Command line using config_system command:
Checkpoint offers another command config_system to do First Time Wizard using a template file. It seems more complicated way to do compare CPCONFIG's wizard way.
[Expert@HostName]# config_system -t <file_name>
This will create an empty template file for system configuration.[Expert@HostName]# config_system -t <file_name>
- Open the file you created with a text editor and fill the appropriate fields.
[Expert@HostName]# config_system -f <file_name>
This will run the First Time Configuration Wizard with the information provided in the filename.[Expert@HostName]# config_system -f <file_name>
Reference:
1. First Time Configuration Wizard on Check Point appliances2. How to run the First Time Configuration Wizard through CLI in Gaia
No comments:
Post a Comment