cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 7

Backup Config of Checkpoint Gateway

Hi Thwack community,

this is my first discussion

We are having some troubles with "Checkpoint Security Gateway" Devices. Because there is no suitable Device-Template for those devices i used the Generic.Device combined with a Device Variation to backup the Running Configuration.

Device Details: Check Point Security Gateway using Gaia R77.20 as OS, Kiwi Cattools 3.6.0

I always try to copy the manual steps i would do via putty/SSH to cattools. Those manual steps would be:

  1. login via ssh
  2. "lock database override" //get prev. rights
  3. "show configuration" //running config gets printed to stdout with paging (-- More --) -> as fas as i know there is no ter len 0/ no paging command
  4. quit or exit

Somehow cattools is having some problems with those steps 😕

It isn´t getting input from the "show configuration" command which should print to stdout "Did not receive echo of show configuration command".

I attached you the log-info File and the Device variations so you could get a look into the changes i made.

Has anyone ever had similar problems (and a solution to it)? Especially with Checkpoint Devices?

Best regards,

Max

0 Kudos
4 Replies
Level 7

Hi Max,

Easiest way to do it is to create generic.device as device type and generic.device as model too.

Your method of connection is SSH2 via port 22.

under passwords you fill out SSH username and SSH password with your checkpoint's credentials.

then you go to tab VARIATIONS and use them

so on prompts tab select Paging prompt and define it as "-- More --"   -> note the spaces between dashes and the word More. This is a must to overcome paging!

next tab is additional commands. select "enter enable mode" and delete the value of it. So this field has to be selected and EMPTY

Select "show running config" and define it as "show configuration"

Select "Disconnect" and define it as "quit"

So that does it for me and i get a nice config backup of my gaiaR80.10 devices with file comparison and all the goodies that cattools does for me.

Hope this helps

Cheers, Tomi

Brilliant comment, backup 5600 running

0 Kudos

Thanks Tomi - I just added a Check Point 12400 firewall gateway to Kiwi Catools version 3.11.4 and it worked.

0 Kudos
Level 7

This disables paging:

set clienv rows 0

0 Kudos