Sysconfig Command without first time configure wizard completed in Checkpoint appliance - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Tuesday, April 24, 2012

Sysconfig Command without first time configure wizard completed in Checkpoint appliance

Got a situation which has to remotely configure a factory reset checkpoint 2205 appliance. Unfortunately I have to do basic configuration from remote first until get internal interface configured proper ip, then I am able to run first time wizard to continue set up with new ip address. As we know after checkpoint appliance reset to factory, internal interface is 192.168.1.1.which usually not reachable for my remote access.

Good thing is I have a remote console access through Avocent Console Server 5000 series. I was thinking I can configure internal interface ip first through console. But after entered into console, I found I got into a stuck situation which is no way to issue sysconfig / cpconfig before finish first time wizard through web GUI interface.

After a google search, quickly found this post at
https://www.cpug.org/forums/check-point-utm-1-appliances/10713-setup-utm-1-via-serial-console.html

Two commands can easily resolve my problem now. Get into expert mode, then touch two magic files.

touch /opt/spwm/conf/wizard_accepted
touch /opt/spwm/conf/wizard_post_install.accepted


Then I am able to issue sysconfig to set up Internal interface ip and gateway. After all done, remove those two touched files from expert mode:


rm /opt/spwm/conf/wizard_accepted
rm /opt/spwm/conf/wizard_post_install.accepted


Then I am able to remotely run first time wizard with new ip address. CPUG saved my life again.


No comments:

Post a Comment