This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Silesio
Contributor
‎2020-08-16 02:59 AM

Deploying Check Point Solution R80.40

In this post, we're going to deploy Check Point Solution running Gaia R80.40, on EVE-NG. These guide is also valid for deployments using VMWare Workstation. 

This lab is based in the topology below:

001.JPG

 

First we're going to download Gaia on the link below:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Choose the option: Security Gateway / Standalone / Security Management Clean Install.

Once we get Gaia OS, we can install it on EVE-NG or VMWare Workstation;

 

The following steps will be the same whether you're deploying on EVE-NG or VMWare. For this article, we're going to refer only for steps in EVE-NG. Add two Check Point nodes like in the topology above and let's start the installation process.

Stop the boot process by typing any key and select Install Gaia on this system

2.JPG

 Proceed with Welcome screen

3.JPG

 Choose your keyboard language

4.JPG

Set the partition option (I'll use the defaults)

5.JPG

Set your login credentials

6.JPG

Choose which interface will be the Management Port (I'll choose eth0)

7.JPG

Set the Management Interface IP address

8.JPG

Proceed with the installation

9.JPG

 

Once it finishes we'll reboot the machine. Do the same steps for the other machine but assign it a different IP address.

Now let's proceed with the first installation wizard by accessing the two machines via browser: https://ipaddress.

We'll start with the gateway.

13.JPG

 

In the Internet Connection page, set the interface leading to the internet (external interface)

15.JPG

 

In Installation Type page, choose Security Gateway and/or Security Management

17.JPG

 

In Products choose Security Gateway and proceed

18.JPG

 

19.JPG

 

20.JPG

 

21.JPG

 

22.JPG

 

For the management server, some of the initial steps will be the same done in the gateway section. 

In Products choose Security Management

23.JPG

 

24.JPG

25.JPG

26.JPG

Once the installation finishes, we'll download SmartConsole from Security Manager Gaia portal and install it.

27.JPG

 

Now let's login into the management server using SmartConsole and add the Gateway.

28.JPG

In the Gateways and Servers Toolbar, select New > Gateway

Set the Name, IP Address, and Communication key. In communication window, type the password defined earlier for SIC and select Initialize.

29.JPG

 

Press OK and proceed to the Network Management pane, edit the interface leading to the internet and Modify it's topology to Internet (External).

30.JPG

 

Let's add our internal network into SmartConsole by clicking New > Network in the Objects Pane in the right.

33.JPG

 

Access the Security Policies pane and add a new rule above the existing Clean Up rule.

34.JPG

 31.JPG

 

Install Policy and publish the session.

 

And that's all you need to deploy Check Point solution.

By default, after deploying Check Point products, you have a 15 days trial license period. If you want to test some advanced features like ClusterXL, IPS... you can download a demo license in the link below and you'll have 30 day period to test those features:

https://supportcenter.checkpoint.com/supportcenter/portal

Once you login, access the page Try Our Products > Product Evaluation and choose the license that fits you bettter.

In SmartConsole access the Menu > Manage licenses and packages... 

36.JPG

 

In SmartUpdate, import the license file and attach in the management server or in the gateway.

39.JPG

 

 

Hope you enjoyed this post, leave your comments below and I'll see you on the next post.

(1)
5 Replies
Mikey-Mikey
Explorer
‎2021-03-04 12:34 PM

Hi,

I do not appear to be able to create more than one CP VM in EVE-NG for a separate management node and firewall. Any ideas what I might be doing wrong.
I've tried creating the nodes from  the same qemu image or different image. When I try to configure a separate node it wither inherits all of the config from the manager, or does not load at all.

0 Kudos
KostasGR
Advisor
‎2021-04-24 12:09 PM
In response to Mikey-Mikey

Hello Mikey-Mikey 

Did you follow all the steps from the below link for ISO installation? 

https://www.eve-ng.net/index.php/documentation/howtos/howto-add-checkpoint/

 

BR,

Kostas

0 Kudos
JGo
Explorer
‎2023-07-20 12:41 PM
In response to Mikey-Mikey

Hey Mikey,

I am having the same problem. Did you find a solution to this?

 

Thank you in advance.

 

0 Kudos
anilkusi
Explorer
‎2021-06-08 11:21 PM

Hello Team,

We are using EVE-NG setups in our office setup, the image which is there in EVE-NG for check point is R80.20 and pre-build into EVE-NG.

When I am installing it.. i am only getting option for Security management and not able to configure that device as Security Gateway.. 

Could you pls advise , what could be an issue here.

Best Regards

Anil Singh

0 Kudos
anilkusi
Explorer
‎2021-06-08 11:40 PM

in my EVE-NG lab , we have image version cpsg-R80-20M1_T14 and I am not able to configure it as Security Gateway, Any idea or suggestion here.. the image was already build by instructor..

pls advise I am new in this technology

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events