Upgrading Checkpoint NG to Checkpoint NGX

Hi Expert-Exchange Members
I am trying to upgrade CheckPoint NG too Checkpoint NGX.  I thought it would be a case on inserting the CD and running the setup, but now I have two version of Checkpoint on on machine.

Could someone explan how I would install Checkpoint NGX on the machine with the same set of rules installed as the version of Checkpoint NG?

Thank you for reading

Regards

GrahamR99
GrahamR99Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DooglaveCommented:
I guess this in on Windows?  You should have been prompted on the install to do an inplace upgrade.
Well If you have an extensive rulebase that you don't want to loose then you need to have either backed up the system before the upgrade or start backing it up now just in case.


I would start out by running in %FWDIR%/bin/upgrade_tools
upgrade_export.exe

Install your new version of Check Point on another system, finish the install till the point you are pushing an any any policy.
You have to have the exact same host name and ip address on the new system.

Then run upgrade_import.exe

Double Login with SmartDashboard and make sure you config looks good. If so then you have a good upgrade export.  Reformat the primary server and do the same thing as you just did on this test system.

If the test box fails then let me know. Try not to mess with you production box any more until you know you have a solid plan to move forward.

0
GrahamR99Author Commented:
Hi Dooglave
The OS is Windows 2000 SP 4,  I have take a Virutal Machine of the Live firewall and currently working on that until I have the skill to perform on the live system.

Do I understand correctly I should install the new software on a clean OS, and restore the rules from the Export I make from the current firewall system?

Regards

GrahamR99
0
DooglaveCommented:
Yes, that's a good idea. This way if you make a mistake you can alway revert to your snapshot in vmware.  Once you have it all figured out put it on a real system. Check Point doesn't support vmware but it's a great tool for testing.

You can sign up for a free account on checkpoints website and then you can download these docs. Just click on your version and you will see many docs to help you learn.

http://www.checkpoint.com/support/technical/documents/index.html

Start out with the Getting Started Guide and the Upgrade User Guide.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

GrahamR99Author Commented:
Hi Dooglave
I am starting to think I don't have the right software as I have installed the software on a clean VM, but do not have the file upgrade_import.exe, to reimport the configuration.

I have three disks labled Provider-1, SMP, and VPN-1 VSX.

I am installing disk 1 which is Provider-1, is this the correct disk?

Regards

GrahamR99
0
DooglaveCommented:
Hmmm, those don't look right at all.  You have the High-End Package, I'd bet none of those disk are right for you.

If you were using Provider-1 or VSX you would know it.

 Best you check your UserCenter account to find out what license you have if you don't know. If it turns out that you have Provider-1 or VSX then you need to hire someone to come out and help you.

Make backups!

Do you have a Software Subscription? If you do you can download the R65 iso from Check Point's website.

 VPN-1 Power/UTM,  NGX R65 on  Windows
0
GrahamR99Author Commented:
Have ordered the new disk, should be here this week. Hopyfully it should just work now.

Thank you for all your help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.