Solved

Upgrading Checkpoint NG to Checkpoint NGX

Posted on 2007-03-23
6
2,235 Views
Last Modified: 2013-11-16
Hi Expert-Exchange Members
I am trying to upgrade CheckPoint NG too Checkpoint NGX.  I thought it would be a case on inserting the CD and running the setup, but now I have two version of Checkpoint on on machine.

Could someone explan how I would install Checkpoint NGX on the machine with the same set of rules installed as the version of Checkpoint NG?

Thank you for reading

Regards

GrahamR99
0
Comment
Question by:GrahamR99
  • 3
  • 3
6 Comments
 
LVL 6

Expert Comment

by:Dooglave
ID: 18783798
I guess this in on Windows?  You should have been prompted on the install to do an inplace upgrade.
Well If you have an extensive rulebase that you don't want to loose then you need to have either backed up the system before the upgrade or start backing it up now just in case.


I would start out by running in %FWDIR%/bin/upgrade_tools
upgrade_export.exe

Install your new version of Check Point on another system, finish the install till the point you are pushing an any any policy.
You have to have the exact same host name and ip address on the new system.

Then run upgrade_import.exe

Double Login with SmartDashboard and make sure you config looks good. If so then you have a good upgrade export.  Reformat the primary server and do the same thing as you just did on this test system.

If the test box fails then let me know. Try not to mess with you production box any more until you know you have a solid plan to move forward.

0
 

Author Comment

by:GrahamR99
ID: 18785062
Hi Dooglave
The OS is Windows 2000 SP 4,  I have take a Virutal Machine of the Live firewall and currently working on that until I have the skill to perform on the live system.

Do I understand correctly I should install the new software on a clean OS, and restore the rules from the Export I make from the current firewall system?

Regards

GrahamR99
0
 
LVL 6

Accepted Solution

by:
Dooglave earned 500 total points
ID: 18786952
Yes, that's a good idea. This way if you make a mistake you can alway revert to your snapshot in vmware.  Once you have it all figured out put it on a real system. Check Point doesn't support vmware but it's a great tool for testing.

You can sign up for a free account on checkpoints website and then you can download these docs. Just click on your version and you will see many docs to help you learn.

http://www.checkpoint.com/support/technical/documents/index.html

Start out with the Getting Started Guide and the Upgrade User Guide.
0
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

 

Author Comment

by:GrahamR99
ID: 18792543
Hi Dooglave
I am starting to think I don't have the right software as I have installed the software on a clean VM, but do not have the file upgrade_import.exe, to reimport the configuration.

I have three disks labled Provider-1, SMP, and VPN-1 VSX.

I am installing disk 1 which is Provider-1, is this the correct disk?

Regards

GrahamR99
0
 
LVL 6

Expert Comment

by:Dooglave
ID: 18796399
Hmmm, those don't look right at all.  You have the High-End Package, I'd bet none of those disk are right for you.

If you were using Provider-1 or VSX you would know it.

 Best you check your UserCenter account to find out what license you have if you don't know. If it turns out that you have Provider-1 or VSX then you need to hire someone to come out and help you.

Make backups!

Do you have a Software Subscription? If you do you can download the R65 iso from Check Point's website.

 VPN-1 Power/UTM,  NGX R65 on  Windows
0
 

Author Comment

by:GrahamR99
ID: 18798543
Have ordered the new disk, should be here this week. Hopyfully it should just work now.

Thank you for all your help.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question