You can use the backup utility for SPLAT, the command is just backup.
Greetings,
Lino E. Avila
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of RoNNY
Sent: Wednesday, August 24, 2005 2:18 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Migrating firewall from box to box
This was probably asked 15 gazillion times already, but I was wondering if
someone knows a sure and best way to get this done.
I have a very simple config: Splat R55 HFA 14 on one single box. That
is: management and enforcement are one.
I want to move this thing to a new server.
So I went and bought an HP DL380 G4, and got the CD with R55 HFA 12.
(this, by the way, happened only after dealing with two great guys at
Checkpoint who gave me the ISO).
Anyway, here's what I did:
1) Exported my configuration to a remote TFTP server.
2) Loaded R55 HFA 12 on the new box.
3) This is the part that got be a bit confused. I thought: "well...I loaded
the thing, I can now import my configuration, and tada! It'll work!", but
no. I had to go through sysconfig, as if I'm installing a new server, and
then I rebooted.
Now, I decided to skip setting the hostname, routing, NICs, etc, because I
wanted my config restored from the backup file I created earlier. Moving on:
4) After reboot, I restored my config. I actually put it under /home/admin/,
and restored it with the "upgrade_import" tool. I then rebooted.
That's it, but here's the thing: my host name is still "cpmodule", there's
no NIC definitions or anything else. I didn't connect yet with the
SmartDashboard, but I assume that the rulebase is there.
My question is: do I have an identical server now, and it's only missing the
NICs, Routing, etc configuration, or did I do something wrong?
I guess I was expecting a full blown restore of my entire server, and this
didn't happen.
Thanks
-RoNNY
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
