Upgrade Checkpoint from Command Line after failed from Webui - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Tuesday, January 28, 2014

Upgrade Checkpoint from Command Line after failed from Webui

There is 2012 Appliance 4205 in the environment. Some basic configuration done, including internal interface and gateway. But after a couple of times failed attempt to upgrade OS from R75 Splat to R75.40 Gaia, I have to stop to see where is wrong.

The failed screenshot is showing in the following:



The package name is Check_Point_Upgrade_for_R75.40.Splat_to_Gaia.tgz download from https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/media-type/html?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=14899&from=wizard.


Followed command line installation guide:

1. Upload the upgrade package through the GUI, it will be placed in: /var/log/cpupgrade/web/

2. Move upgrade.tgz into /var/upgrade

3. #tar -zxvf upgrade.tgz

4. #./UnixInstallScript -NOCRS
In R75.20 the install script is installme.sh

5. Reboot when complete and login to verify upgrade

Notes: 

Do not forget put idle 999 in, else you will get following auto log out messages:

[Expert@CP-Management]# ls
CPsecplPtchMod                                              base          lib                stam.tgz          upgrade_config.xml
Check_Point_R77.10_T151_upg_WEBUI_and_SmartUpdate.Gaia.tgz  content.txt   package_info.html  take_number.conf  vi.recover
RPMS                                                        cprid         resetips           upgrade           wrapper
SU                                                          installme.sh  scripts            upgradeClient

[Expert@CP-Management]# ./installme.sh 

Start Upgrading ..

Wait while creating upgrade image ... complete

Creating upgrade image is ok
[CP-Management]#
Idle timeout expired, performing auto-logout...




Actually, in my this case, the real reason for failure is because we did not run first time installation wizard and Checkpoint Package did not install first. After tried cpconfig finished first time installation wizard, upgrade was successful.

4 comments:

  1. Hey Johnny,
    I had the same problem here with my 75.20 to Gaia R77, failed thru the WebUI.
    When you move it to /var/upgrade do you mean to a new folder called upgrade or just moved to /var/ ?
    Good post btw..
    Regards,
    Alex

    ReplyDelete
    Replies
    1. Move it to new folder which name is upgrade. This would be the last resort to resolve upgrade issue. If still does not work, I would suggest to try new installation with exported the configuration.

      Delete
  2. By the way, if you use the web GUI to upload the checkpoint file you downloaded, only then will it be found in: /var/log/cpupgrade/web/ and be named upgrade.tgz

    Otherwise you can just use WINSCP (or something of the like) and manually upload the file to the device. Then you use that same tar command mentioned and unpack.

    Fun times and thanks for the article on this.
    BurnoutTech

    ReplyDelete
  3. I followed this instructions and i got :
    Upgrade Failed doing automatic revert in.....done
    System is going down to reboot NOW !

    :'(

    ReplyDelete