Solved

Upgrading Checkpoint NG to Checkpoint NGX

Posted on 2007-03-23
6
2,256 Views
Last Modified: 2013-11-16
Hi Expert-Exchange Members
I am trying to upgrade CheckPoint NG too Checkpoint NGX.  I thought it would be a case on inserting the CD and running the setup, but now I have two version of Checkpoint on on machine.

Could someone explan how I would install Checkpoint NGX on the machine with the same set of rules installed as the version of Checkpoint NG?

Thank you for reading

Regards

GrahamR99
0
Comment
Question by:GrahamR99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 6

Expert Comment

by:Dooglave
ID: 18783798
I guess this in on Windows?  You should have been prompted on the install to do an inplace upgrade.
Well If you have an extensive rulebase that you don't want to loose then you need to have either backed up the system before the upgrade or start backing it up now just in case.


I would start out by running in %FWDIR%/bin/upgrade_tools
upgrade_export.exe

Install your new version of Check Point on another system, finish the install till the point you are pushing an any any policy.
You have to have the exact same host name and ip address on the new system.

Then run upgrade_import.exe

Double Login with SmartDashboard and make sure you config looks good. If so then you have a good upgrade export.  Reformat the primary server and do the same thing as you just did on this test system.

If the test box fails then let me know. Try not to mess with you production box any more until you know you have a solid plan to move forward.

0
 

Author Comment

by:GrahamR99
ID: 18785062
Hi Dooglave
The OS is Windows 2000 SP 4,  I have take a Virutal Machine of the Live firewall and currently working on that until I have the skill to perform on the live system.

Do I understand correctly I should install the new software on a clean OS, and restore the rules from the Export I make from the current firewall system?

Regards

GrahamR99
0
 
LVL 6

Accepted Solution

by:
Dooglave earned 500 total points
ID: 18786952
Yes, that's a good idea. This way if you make a mistake you can alway revert to your snapshot in vmware.  Once you have it all figured out put it on a real system. Check Point doesn't support vmware but it's a great tool for testing.

You can sign up for a free account on checkpoints website and then you can download these docs. Just click on your version and you will see many docs to help you learn.

http://www.checkpoint.com/support/technical/documents/index.html

Start out with the Getting Started Guide and the Upgrade User Guide.
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 

Author Comment

by:GrahamR99
ID: 18792543
Hi Dooglave
I am starting to think I don't have the right software as I have installed the software on a clean VM, but do not have the file upgrade_import.exe, to reimport the configuration.

I have three disks labled Provider-1, SMP, and VPN-1 VSX.

I am installing disk 1 which is Provider-1, is this the correct disk?

Regards

GrahamR99
0
 
LVL 6

Expert Comment

by:Dooglave
ID: 18796399
Hmmm, those don't look right at all.  You have the High-End Package, I'd bet none of those disk are right for you.

If you were using Provider-1 or VSX you would know it.

 Best you check your UserCenter account to find out what license you have if you don't know. If it turns out that you have Provider-1 or VSX then you need to hire someone to come out and help you.

Make backups!

Do you have a Software Subscription? If you do you can download the R65 iso from Check Point's website.

 VPN-1 Power/UTM,  NGX R65 on  Windows
0
 

Author Comment

by:GrahamR99
ID: 18798543
Have ordered the new disk, should be here this week. Hopyfully it should just work now.

Thank you for all your help.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question