Management server died

jfmorin

Technical User
Feb 9, 2005
8
CA
Hi,
I have Checkpoint Express R55 on SecurePlatform installed on the gateway and I also have it on a Management console. My Management console died (the 2 disks died). I was doing backups via tftp. I realized that tftp max size was 32Megs, so my backups are all corrupted since they were more than 32Megs. Neither Checkpoint nor my tftp server warned me about this. My question: Is it possible to reinstall the management server and get the current config loaded on the gateway with all the nodes, rules, hosts, VPN config? If so, how?
Thanks.
 
I don't think so, I'd contact Checkpoint support to see if there's something that you could do.
 
I think that probably depends on exactly how stuffed the old management server really is. You don't tell us much about the platform, maybe you can fill us in a bit.

Depending on the OS and a few other things, I have successfully recovered old management servers sufficiently to get a new one running. If you need more info, email me privately.

========================================
Find out about what I do for a living at
========================================
 
The OS is SecurePlatform on both management and FW. The management server had a database for the rule base. The old management server is really dead, both disks blew so there goes my Raid1 :-(. I can get most info on the FW console with the objects.c and local.* files. The only problem is with my rules, I can't seem to see them in any files (not easily). I have a printout but it is old. Is this enough info? Thanks.
 
ugh... well.. it's possible to spend a bit of time reverse-engineering things to reconstruct the rulebase... not trivial though ! I have done it in a limited way on occasions for clients.. more usually when you are looking for compile anomalies than DR though..

How many rules are we talking about ? 10, 100, 200+ ?

If you're really stuck, you're going to be looking at shelling out for some assistance I suspect, depending on how brave you are feeling about deconstructing the inspect cached on the module.

Keep me posted on your progress !

shaggerTM
 
We're talking about 30 rules. I am rebuilding my config in a test environment to try to fix it. I'll keep you posted. I have a Checkpoint certified pro coming on Friday. He was the one who built my system so I hope he can help me fix it. Thanks for your help.
 
If he was any kind of pro, he would have made sure you had a reliable backup process in place before he left ;)
 
Yeah ;-) This time I will make sure
 
If he was any kind of pro, he also would have advised NOT to use tftp to backup the system and go with secure copy (scp) instead. scp doesn't have the same file size limitation that tftp does. But if you still insist on tftp, there are tftp servers out there that don't have the 32mb restriction.
 
I actually switched my backups to scp for my firewall device when I found out that tftp wasn't working. Unfortunately I had to find out the hard way :-( . I will make sure to test my backup strategy when everything is back up and running. Thanks for the input.
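
Added example, not part of the thread: a shell check for the failure discussed above, where a transfer silently truncates the backup and nobody notices until a restore is needed. It assumes the backup is a gzip-compressed tar archive, that `sha256sum` and `tar` are available, and that the transferred copy is readable at a local path (fetched back or on a mounted share); the function names and paths are illustrative.

```shell
#!/bin/sh
# Added example (not from the thread). Verifies that a transferred backup
# copy is byte-identical to the original and is a readable archive.
# Assumption: the backup is a gzip-compressed tar (.tgz).
#
# Usage (hypothetical paths):
#   verify_backup /var/backups/mgmt.tgz /mnt/backupstore/mgmt.tgz

# Print only the hex digest of a file.
sha256_of() {
    sha256sum "$1" | cut -d' ' -f1
}

# Returns 0 if the copy is intact, 1 if it is truncated or corrupt,
# 2 if either file is missing.
verify_backup() {
    src=$1
    copy=$2

    if [ ! -f "$src" ] || [ ! -f "$copy" ]; then
        echo "verify_backup: missing file" >&2
        return 2
    fi

    # Cheap first check: a truncated transfer shows up as a size difference.
    src_size=$(wc -c < "$src" | tr -d ' ')
    copy_size=$(wc -c < "$copy" | tr -d ' ')
    if [ "$src_size" -ne "$copy_size" ]; then
        echo "verify_backup: size mismatch ($src_size vs $copy_size bytes)" >&2
        return 1
    fi

    # Same size does not prove same content, so compare digests as well.
    if [ "$(sha256_of "$src")" != "$(sha256_of "$copy")" ]; then
        echo "verify_backup: checksum mismatch" >&2
        return 1
    fi

    # Listing the archive forces a read to the end of the compressed stream;
    # an archive that was already cut short at the source fails here.
    if ! tar -tzf "$copy" >/dev/null 2>&1; then
        echo "verify_backup: archive is not readable" >&2
        return 1
    fi

    return 0
}
```

Running this after every backup job, and alerting on a non-zero exit status, catches a truncated copy on the day it is written rather than on the day of the restore.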
 