Re: [FW-1] export configuration

Subject:	Re: [FW-1] export configuration
From:	Ramki Security <ramki.security AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Thu, 4 May 2006 13:43:43 -0400

If you want to migrate to R60, use the upgrade_export for R60.

The error message indicates "/conf/rulebases_5_0.fws does not exists".Did you check if the file exists under $FWDIR/conf.


Ramki
CCNA, CCSE-NGAI

Clive Luk wrote:

Hi,

I have downloaded the upgrade tools from CP site.

I have tried to run the upgrade_export on my current management server R55

However, I got an error when I run this

# ./upgrade_export -d exportr55

You are required to close all Check Point clients before the Export
operation begins.
If the export fails, stop Check Point services and run the upgrade_export
command again.
Press ENTER when ready..

[ 20242 1]@xxxxx[4 May 16:48:38] GetExecPath: Exec dir = .
[ 20242 1]@xxxxx[4 May 16:48:38] AppendPathEnvVar:
PATH=/opt/CPshared/5.0/bin:/opt/CPrt-R55:/opt/CPrt-R55/bin:/opt/CPfw1-R55/bi
n:/opt/CPinfo-R55/bin:/opt/CPshrd-R55/util:/opt/CPshrd-R55/bin:/usr/sbin:/us
r/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/openwin/bin:/usr/d
t/bin:/usr/platform/SUNW,Sun-Blade-100/sbin:/opt/sun/bin:/usr/bin/nsr:/usr/s
bin/nsr:/opt/CPfw1-R55:/export/home/clive/cp-upgrade-tool/.
 Checking the existence of necessary files...
 Error: <nil>/conf/rulebases_5_0.fws does not exists, aborting upgrade
[ 20242 1]@xxxxx[4 May 16:48:38] NecessaryFwFilesExist: Error >> Not all the
necessary fw files exist
[ 20242 1]@xxxxx[4 May 16:48:38] NecessaryFilesExist: Error >> Some of the
needed files (fw1) were not exported
 Error: Not all the necessary files have been exported.

I have checked my ENV vars. It looks ok to me. Please have a look at the
below output for my ENV vars.

PWD=/export/home/clive/cp-upgrade-tool
TZ=Australia/NSW
RTDIR=/opt/CPrt-R55
HZ=
SUDIR=/opt/CPfw1-R55/sup
HOSTNAME=xxxxxxxxxxxxx
LD_LIBRARY_PATH=/opt/CPshared/5.0/lib:/opt/CPrt-R55/lib:/opt/CPfw1-R55/lib:/
opt/CPshrd-R55/lib:/usr/openwin/lib:/usr/local/lib
FW_BOOT_DIR=/etc/fw.boot
OPENWINHOME=/usr/openwin
MANPATH=:/usr/man:/usr/share/man
CPMDIR=/opt/CPfw1-R55
MACHTYPE=sparc-sun-solaris2.9
LOGINFROM=xxxxxxxxxxxx
OLDPWD=/export/home/clive
EDITOR=vi
SUROOT=/var/suroot
DISPLAY=xxxxxxxxxxxxxxx
LOGNAME=root
SHLVL=1
FWDIR=/opt/CPfw1-R55
INFODIR=/opt/CPinfo-R55
CPDIR=/opt/CPshared/5.0
SHELL=/sbin/sh
HOSTTYPE=sparc
OSTYPE=solaris2.9
HOME=/
TERM=xterm
PATH=/opt/CPshared/5.0/bin:/opt/CPrt-R55:/opt/CPrt-R55/bin:/opt/CPfw1-R55/bi
n:/opt/CPinfo-R55/bin:/opt/CPshrd-R55/util:/opt/CPshrd-R55/bin:/usr/sbin:/us
r/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/openwin/bin:/usr/d
t/bin:/usr/platform/SUNW,Sun-Blade-100/sbin:/opt/sun/bin:/usr/bin/nsr:/usr/s
bin/nsr:/opt/CPfw1-R55


THANKS,
Clive

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Ramki
Security
Sent: Thursday, 4 May 2006 12:45 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] export configuration

Hi Clive,

Are you planning to use ClusterXL for clustering?

About cluster, you cannot setup cluster and management on the same box.You need to have a separate management and two other boxes to setupcluster. Once you have this infrastructure, you can follow these steps.

1. Use the upgrade_export from NGX R60 cd to do an upgrade_export. Rununixinstallscript from the NGX CD and select export configuration.2. Store the exported file in a directory and transfer this to the NGXR60 box.3. Do an upgrade_import onto the NGX R60 box. You can also do a freshinstall and select advanced upgrade using the exported configuration.4. Follow the cluster configuration guidelines to configure the smartdashboard objects for the cluster. Install policy on the cluster. Youwill need a common IP, sync network etc.


Regards,


Clive Luk wrote:

Dear FW-1 list members,

Hope someone can help me here. Let me explain my situation.

I am currently running single NGX55 on Solaris 8 and SmartCenter on a
different box (Solaris 9).

I have been assigned to a project to setup a cluster(load

balance/fail-over)

firewall. I have just setup a test box on a Solaris 9 box running both

NGX60

and Smartcenter(just to playing around). I am wondering if I can export

the

old configurations + policy from my old NGX55 to the new NGX60?

Thanks in advance!

Cheers,
Clive

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] export configuration, Clive Luk Re: [FW-1] export configuration, Ramki Security Re: [FW-1] export configuration, Clive Luk Re: [FW-1] export configuration, Clive Luk Re: [FW-1] export configuration, Ramki Security <= Re: [FW-1] export configuration, Clive Luk Re: [FW-1] export configuration, Lars Troen

Previous by Date:	Re: [FW-1] CheckPoint on RHEL4, Ramki Security
Next by Date:	[FW-1] Eventia, Tom louis
Previous by Thread:	Re: [FW-1] export configuration, Clive Luk
Next by Thread:	Re: [FW-1] export configuration, Clive Luk
Indexes:	[Date] [Thread] [Top] [All Lists]