Friday, February 23, 2018

R80.10 API - Troubleshooting


On the FWM:
1. In the WebCLI, create an account tufincli with the admin role and the cli.sh shell.
2. In the Admin GUI, create an account with read/write privileges, authenticated with a Check Point password.
3. Install the database on the FWM.


login as: tufincli
This system is for authorized use only.
tufincli@hin0301fwmtest's password:
Last login: Fri Feb 23 11:55:21 2018 from dkhem01063322.bcbsma.com
hin0301fwmtest> expert
Enter expert password:

Warning! All configurations should be done through clish
You are in expert mode now.

[Expert@hin0301fwmtest:0]#

[Expert@hin0301fwmtest:0]# mgmt_cli show-version
Username: tufinapi
Password:
code: "generic_internal_error"
message: "Internal error. For more info search for incident [44bdcbf1-b640-4b19-9330-e3811111b8e9] in log file"

[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# api restart
2018-Feb-23 12:12:45 - Stopping API...
2018-Feb-23 12:12:48 - API stopped successfully.
2018-Feb-23 12:12:48 - Starting API...
. . . . . . . . . . . . . . . . .
2018-Feb-23 12:14:03 - API started successfully.
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# api status

API Settings:
---------------------
Accessibility:                      Require ip 127.0.0.1
Automatic Start:                    Enabled

Processes:

Name      State     PID       More Information
-------------------------------------------------
API       Started   10190
CPM       Started   4398      Check Point Security Management Server is running and ready
FWM       Started   3910

Port Details:
-------------------
JETTY Internal Port:      50277
APACHE Gaia Port:         443
                          Apache port retrieved from: httpd-ssl.conf


--------------------------------------------
Overall API Status: Started
--------------------------------------------

API readiness test SUCCESSFUL. The server is up and ready to receive connections

Notes:
------------
To collect troubleshooting data, please run 'api status -s <comment>'

[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# mgmt_cli show-version
Username: tufinapi
Password:
code: "generic_internal_error"
message: "Internal error. For more info search for incident [c6c26b63-9283-4534-9a87-fe6c8109da84] in log file"

[Expert@hin0301fwmtest:0]# api status -s

API Settings:
---------------------
Accessibility:                      Require ip 127.0.0.1
Automatic Start:                    Enabled

Processes:

Name      State     PID       More Information
-------------------------------------------------
API       Started   10190
CPM       Started   4398      Check Point Security Management Server is running and ready
FWM       Started   3910

Port Details:
-------------------
JETTY Internal Port:      50277
APACHE Gaia Port:         443
                          Apache port retrieved from: httpd-ssl.conf


--------------------------------------------
Overall API Status: Started
--------------------------------------------

API readiness test SUCCESSFUL. The server is up and ready to receive connections

Collecting and compressing diagnostic data... Please wait...
Adding api.elg
Adding api_sh.elg
Adding api.json
Adding api.csv
Adding cpm.elg
Adding fwm.elg
Adding httpd_access_log
Adding httpd2.conf
Adding extra/httpd2-webapi.conf
Adding httpd2_access_log
Adding httpd2_error_log
Adding memory.elg
Adding disk_space.elg
Adding ifconfig.elg
Adding cpwd_admin_list.elg
File /home/tufincli/2018.02.23_12-14-42_api_data_.tgz has been created

[Expert@hin0301fwmtest:0]# sftp sftp@ott.checkpoint.com
Connecting to ott.checkpoint.com...
[Expert@hin0301fwmtest:0]#

[Expert@hin0301fwmtest:0]# sftp bcbsma@sftp.ott.checkpoint.com
Connecting to sftp.ott.checkpoint.com...
The authenticity of host 'sftp.ott.checkpoint.com (67.210.167.35)' can't be established.
RSA key fingerprint is 4b:e3:22:02:14:ff:92:6b:22:e0:a8:fb:16:86:36:2a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'sftp.ott.checkpoint.com,67.210.167.35' (RSA) to the list of known hosts.
Check Point FTP ServerEnter password:
sftp>
sftp> cd incoming/api-test
sftp>
sftp> put /home/tufincli/2018.02.23_12-14-42_api_data_.tgz
Uploading /home/tufincli/2018.02.23_12-14-42_api_data_.tgz to /incoming/api-test/2018.02.23_12-14-42_api_data_.tgz
/home/tufincli/2018.02.23_12-14-42_api_data_.tgz                                     100%   25MB   1.0MB/s   00:24
sftp>




[Expert@hin0301fwmtest:0]# $FWDIR/scripts/cpm_status.sh
Check Point Security Management Server is during initialization
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# watch -d -n 1.0 !!
watch -d -n 1.0 $FWDIR/scripts/cpm_status.sh
Every 1.0s: /opt/CPsuite-R80/fw1/scripts/cpm_status.sh                                         Fri Feb 23 12:20:24 2018

Check Point Security Management Server is during initialization


  1. cpstop; cpstart on your production environment
  2. Validate that we can execute the api call successfully
sftp> quit
[Expert@hin0301fwmtest:0]# cpstop; cpstart
cpwd_admin:
Process DASERVICE terminated
UEPM: Endpoint Security Management isn't activated
Management Portal: Stopping CPWMD
cpwd_admin:
Process CPWMD isn't monitored by cpWatchDog. Stop request aborts
Management Portal: CPWMD failed to stop
Management Portal: Stopping CPHTTPD
cpwd_admin:
Process CPHTTPD isn't monitored by cpWatchDog. Stop request aborts
Management Portal: CPHTTPD failed to stop
Stop Search Infrastructure...
Stopping RFL ...
cpwd_admin:
successful Detach operation
Stopping Solr ...
cpwd_admin:
successful Detach operation
Stop SmartView ...
Stopping SmartView ...
cpwd_admin:
successful Detach operation
Stop Log Indexer...
cpwd_admin:
Process INDEXER (pid=4263) stopped with command "kill 4263". Exit code 0.
Stop SmartLog Server...
cpwd_admin:
Process SMARTLOG_SERVER terminated
dbsync is not running
evstop: Stopping product - SmartEvent Server
evstop: Stopping product - SmartEvent Correlation Unit
Check Point SmartEvent Correlation Unit is not running
SmartView Monitor: Management stopped
FireWall-1: cpm stopped
FireWall-1: fwm stopped
VPN-1/FW-1 stopped
Stopping Critical Alerts Sensor
SVN Foundation: cpd stopped
Stopping cpviewd
SVN Foundation: cpWatchDog stopped
SVN Foundation stopped


cpstart: Power-Up self tests passed successfully

cpstart: Starting product - SVN Foundation

SVN Foundation: Starting cpWatchDog
Starting cpviewd
Starting Critical Alerts Sensor...
SVN Foundation: Starting cpd
SVN Foundation started

cpstart: Starting product - VPN-1

 Local host is not a FireWall-1 module
FireWall-1: Starting fwd
FireWall-1: Starting cpm. Please wait...
[1] 12186
FireWall-1: Finished starting cpm successfully
FireWall-1: Starting fwm (SmartCenter Server)

FireWall-1: This is a SmartCenter server. No security policy will be loaded
FireWall-1 started

cpstart: Starting product - SmartView Monitor

SmartView Monitor: Not active

cpstart: Starting product - Eventia Suite

Start Search Infrastructure...
index mode was set to true
cpwd_admin:
Process SOLR started successfully (pid=12475)
Starting RFL ...
cpwd_admin:
Process RFL started successfully (pid=12503)
Starting SmartView ...
cpwd_admin:
Process SMARTVIEW started successfully (pid=12530)
Start Log Indexer...
cpwd_admin:
Process INDEXER started successfully (pid=12550)
Start SmartLog Server...
cpwd_admin:
Process SMARTLOG_SERVER started successfully (pid=12595)


cpstart: Starting product - Management Portal

Management Portal: Starting CPWMD
Management Portal: CPWMD failed to start
Management Portal: Starting CPHTTPD
Management Portal: CPHTTPD failed to start

cpstart: Starting product - UEPM

UEPM: Endpoint Security Management isn't activated and will not be started

cpstart: Starting product - Deployment Agent

cpwd_admin:
Process DASERVICE started successfully (pid=12793)
[Expert@hin0301fwmtest:0]# $FWDIR/scripts/cpm_status.sh
Check Point Security Management Server is during initialization
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# watch -d -n 1.0 !!
watch -d -n 1.0 $FWDIR/scripts/cpm_status.sh
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# mgmt_cli show-version
Username: tufinapi
Password:
code: "generic_internal_error"
message: "Internal error. For more info search for incident [267d3016-0fe0-4145-98cc-717c5a149572] in log file"

[Expert@hin0301fwmtest:0]# api restart
2018-Feb-23 12:23:06 - Stopping API...
2018-Feb-23 12:23:08 - API stopped successfully.
2018-Feb-23 12:23:08 - Starting API...
. . . . . . . . . . . . . . . . .
2018-Feb-23 12:24:23 - API started successfully.
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# clish -c "lock database override"
CLICMD0201  Config lock is already turned on.
[Expert@hin0301fwmtest:0]#
[Expert@hin0301fwmtest:0]# mgmt_cli show-version
Username: tufinapi
Password:
product-version: "Check Point Gaia R80.10"
os-build: "421"
os-kernel-version: "2.6.18-92cpx86_64"
os-edition: "64-bit"

[Expert@hin0301fwmtest:0]#


STEP 1
Created 2 new users to be used in our test.

User:           tufincli
Pass:           vpn123
Purpose:        For Tufin Command Line Access
Where:          Gaia WebUI
Rights:         Admin-Role
Authentication: clish

User:           tufinapi
Pass:           vpn123
Purpose:        For Tufin API access
Where:          R80.10 SmartDashboard
Rights:         Super User
Authentication: Check Point Password


STEP 2
Applied the changes by performing the following
  1. Installed database through the console
  2. Restarted API (#api restart)

STEP 3
Executed the API call with ERROR


[Expert@hin0301fwmtest:0]# mgmt_cli show-version
Username: tufinapi
Password:
code: "generic_internal_error"
message: "Internal error. For more info search for incident [c6c26b63-9283-4534-9a87-fe6c8109da84] in log file"
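
The error text only says to search for the incident ID in a log file. The script below is an added example, not part of the original session: it pulls incident IDs out of captured mgmt_cli output and lists which .elg files in an extracted 'api status -s' bundle mention them. The function names, the bundle directory and the log line contents are assumptions constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original post. Log line contents are constructed.

# Print each incident UUID found in mgmt_cli output read from stdin.
# All whitespace is removed first, so an ID broken in two by terminal
# line wrapping is still recognised.
extract_incidents() {
    tr -d ' \t\r\n' |
        grep -oE 'incident\[[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}]' |
        sed -e 's/^incident\[//' -e 's/]$//' | sort -u
}

# List the .elg files under directory $1 that contain incident ID $2.
find_incident() {
    find "$1" -type f -name '*.elg' -exec grep -lF -- "$2" {} + | sort
}

# Demo on a constructed bundle directory and a constructed capture of the
# error, with the incident ID split by a wrapped line.
demo() {
    demo_dir=$(mktemp -d) || return 1
    echo 'constructed: incident 44bdcbf1-b640-4b19-9330-e3811111b8e9 raised' > "$demo_dir/api.elg"
    echo 'constructed: unrelated startup message' > "$demo_dir/cpm.elg"
    demo_out='code: "generic_internal_error"
message: "Internal error. For more info search for incident [44bdcbf1-b640-4b19-      9330-e3811111b8e9] in log file"'
    for demo_id in $(printf '%s\n' "$demo_out" | extract_incidents); do
        echo "incident $demo_id found in:"
        find_incident "$demo_dir" "$demo_id" | sed 's/^/  /'
    done
    rm -rf "$demo_dir"
}

demo
```
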



STEP 4
Restarted Check Point Process and Services


[Expert@hin0301fwmtest:0]# cpstop; cpstart



STEP 5
Restarted API


[Expert@hin0301fwmtest:0]# api restart
2018-Feb-23 12:23:06 - Stopping API...
2018-Feb-23 12:23:08 - API stopped successfully.
2018-Feb-23 12:23:08 - Starting API...
. . . . . . . . . . . . . . . . .
2018-Feb-23 12:24:23 - API started successfully.



STEP 6
Executed the API call with SUCCESS


[Expert@hin0301fwmtest:0]# mgmt_cli show-version
Username: tufinapi
Password:
product-version: "Check Point Gaia R80.10"
os-build: "421"
os-kernel-version: "2.6.18-92cpx86_64"
os-edition: "64-bit"