Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Matlu
Advisor
Jump to solution

Access to GAIA PORTAL

Hello, team.

I have an infrastructure inherited from a previous administrator, but he forgot the access credentials to the GW (We have a cluster of 6000 computers).

Cluster Object IP: 200.60.21.100
PASSIVE FW IP: 10.7.15.67
IP FW ACTIVE: 10.7.15.66

I have tried to access by GAIA PORTAL to the active member, because we need to delete some static routes, but when I try with the https://10.7.15.66, it does not open the GAIA PORTAL.

I have the impression that the access is with a different port, but we don't have that data at hand.

Is there any way to know which port opens the GAIA PORTAL?

P.S. I do have access to the GW CLI active.

Greetings.

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
0 Kudos
(1)
8 Replies
G_W_Albrecht
Legend Legend
Legend

See here: https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_Gaia_AdminGuide/Topics-GAG/A...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
(1)
the_rock
Legend
Legend

Yes, do this from clish:

[Expert@quantum-firewall:0]# clish
quantum-firewall> show web ssl
ssl-port - Web configuration tool SSL port number
ssl3-enabled - Allow using SSL3 to access the web configuration tool
quantum-firewall> show web ssl-p
quantum-firewall> show web ssl-port
web-ssl-port 4434
quantum-firewall>

 

Andy

0 Kudos
Matlu
Advisor

Thank you for your response.

I have to delete several static routes, and I see it more "feasible" to do it from the GAIA PORTAL.

One question, please, in a GW Cluster, do you have to delete the routes in both Firewalls?
Or is it enough to just delete them from the active member?

Cheers. 🙂

the_rock
Legend
Legend

In a cluster, configs should match on both members. Unlike Fortinet or Cisco, as you know, with CP, it has to be done manually, does not sync to backup member when you do change on master.

Andy

0 Kudos
Matlu
Advisor

Now everything is clearer.

🙂

What I am sure of is that it is not necessary to send to install policies, as far as "add/remove" routes that are created either by CLI/GAIA PORTAL, right?

Thanks, Buddy.

0 Kudos
the_rock
Legend
Legend

Correct...to add/remove routes, do it on both firewalls, does NOT need policy install.

Andy

0 Kudos
Matlu
Advisor

A question,

Is it a normal behavior of the Firewall Checkpoint, to make any kind of change at GAIA PORTAL level, and to be sure that the changes are automatically applied, without the need to give a "save", as it is normally done through the CLI?

Since I have seen that difference, in the GAIA PORTAL, you simply change what you need.

In the CLI, you usually always give a "save config" because otherwise I understand that it does not "apply" the change.

Is this normal?

0 Kudos
the_rock
Legend
Legend

Right, in clish you just run save config to save all the commands you ran. In web UI, if there is apply or save, you click that, if not, then no need. Whatever gets saved in clish, will be reflected in web UI as well.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events