This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject
Expedition Articles
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Featured Article

Dynamic Log Connectors and Devices Monitor

alestevez
L7 Applicator

Be the first to discover the new dynamic log connector functionality and learn about App-ID Adoption and the new Device Monitor...

Migrating Checkpoint R80 [UPDATED on December 2020]

With the new version of Checkpoint Smartcenter R80, the way to obtain the rules has changed.    Exporting Configuration   To export the configuration from a Checkpoint R80 we are gonna need to download a tool from the Checkpoint's Github. We want to be sure we download latest version of the tool since the one it comes installed in your SmartCenter usually is old and may contain bugs.   So first open your preferred web browser and go to:   https://github.com/CheckPointSW/ShowPolicyPackage/releases   Check the latest, at the moment of updating this post latest version was 2.0.6, so in order to download it we have to click on the file named: web_api_show_package-jar-with-dependencies.jar   https://github.com/CheckPointSW/ShowPolicyPackage/releases/download/V2.0.6/web_api_show_package-jar-with-dependencies.jar   After download the file you have to UPLOAD it to your SmartCenter Server where Checkpoint R80 management is running. Use your SCP preferred tool to do it.   Please read the README.md file shown in https://github.com/CheckPointSW/ShowPolicyPackage to understand how to run the downloaded file properly, pay special attention to the Examples   Before you run the command verify the Checkpoint API is running otherwise this tool will fail to execute. Please read this if you don' t know how to enable/verify if your API is UP and Running   Now you can RUN the tool from CLI as EXPERT   java -jar web_api_show_package-jar-with-dependencies.jar -v   The output from that command will let you know what Packages are available to export   Last command we have to run is the following where PACKAGE_NAME is the name you have chosen from the previous command and in case you are in a MULTI-DOMAIN environment specify the DOMAIN_NAME too (-d is OPTIONAL):    java -jar web_api_show_package-jar-with-dependencies.jar -k <PACKAGE NAME> -d <DOMAIN NAME>   This will create a new tgz file which you will use as is to import into Expedition Importation page.   Exporting Routing and interfaces   From the Firewall CLI, you can run the following:   netstat -nr > routes.txt   With all this information, we can go to Expedition, Create a new Project, enter the Project, and go to IMPORT > CHECKPOINT > VERSION R80.   Assign a name to your configuration such as "MyInternetGW" Select the tgz file and attache it to the proper input Select the routes.txt for the routes Click UPLOAD   References: Checkpoint Website article about the show package tool    
View full article
88% helpful (7/8)
‎12-11-2020 01:39 AM
Customer Advisories

Your security posture is important to us. If you’re a Palo Alto Networks customer, be sure to login to see the latest critical announcements and updates in our Customer Advisories area.

Check for updates

Learn how to subscribe to and receive email notifications here.

Celebrate with us!
LIVEcommunity Wins 2022 Khoros Kudos Award
LIVEcommunity Wins 2022 Khoros Kudos Award
Join us to celebrate!
Top Contributors
Top Liked Posts in LIVEcommunity Article
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks