Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Firewall Security Manager (FSM) > Firewall Security Manager Fails to Import Checkpoint Firewalls from the Checkpoint Management Server or Provider1 CMA

Firewall Security Manager Fails to Import Checkpoint Firewalls from the Checkpoint Management Server or Provider1 CMA

Table of contents
No headers

Issue
While FSM connects to the Check Point management server or Provider1 CMA, it does not display the install target, and the import process cannot be completed.

Cause
FSM is trying to check for a license based on the install target IP address.

Workaround
Use the file-based import method:

  1. Copy the configuration files from the remote Check Point management server to the local FSM server:
    1. Connect to the Check Point SmartCenter server using SSH or Telnet.
      Note: This is not the Smart Dashboard client GUI. Connect to the server directly.
    2. Find the directory on the server where the Check Point management server software is installed. This may be defined by the $FWDIR environment variable.
    3. Copy the file $FWDIR/conf/objects_5_0.C to your local file system.
      Note: There is also a file called objects.C. This is not the correct file.
    4. Copy the file $FWDIR/conf/rulebases_5_0.fws to your local file system.
  2. Extract the routing table with the cpstat command:
    1. Connect to the Check Point management console.
    2. If you are connecting to a Provider1 system, connect to the Customer Management Add-on (CMA) that manages the firewall.
    3. Enter cpstat os -f routing -h ipAddress > route.txt, where ipAddress is the IP address of the firewall module.
  3. Import these three files into FSM:
    1. In the Import Firewall dialog, select Import from FileSystem as the Import Method and Check Point as the Firewall Type.
    2. Click Next.
    3. In the Configuration Files section, browse to the three files you obtained previously in the corresponding fields.
    4. Click Finish.

For additional information on how to collect these files from a Check Point firewall, see the Check Point Firewalls section of the Data Collection help topic.

Last modified
14:57, 13 Nov 2015

Tags

Classifications

Public