Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
checkpointer
Participant
Jump to solution

Edit SIP_MAX_INVITE setting to persist after reboot

Hello,

We have changed the SIP_MAX_INVITE setting on the CLI of one of our VS instances (R80.40 on the 6600 platform) but want to make sure this is saved into the relevant file so the setting persists after reboot. How we can achieve this?

Checkpointer

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend
Legend

See sk26202 Changing the kernel global parameters for Check Point Security Gateway:

Global kernel parameters exist to control (customize) the behavior of Security Gateway (kernel parameters are located in the $FWDIR/boot/modules/fw*mod* kernel modules).

On VSX Gateway, value of a kernel parameter applies to all configured Virtual Systems / Virtual Routers (i.e., it is not possible to set a value of a kernel parameter per Virtual System / Virtual Router).

CCSE CCTE CCSM SMB Specialist

View solution in original post

7 Replies
PhoneBoy
Admin
Admin

Not familiar with this particular configuration.
What precise steps did you take?

0 Kudos
checkpointer
Participant

Thanks Phoneboy, 

 

I think this is really to do with maintaining manual edits after reboot in a VSX environment.

On  the older appliance based FWs pre VSX we needed to amend a file for setting such as TCP max session so that when the FW rebooted the setting wasn’t lost as we had set it on the CLI.

Now that we have VSX with several VSs running on the appliances we are not sure if the same thing applies.  We have set the config using CLI on each virtual system but we suspect these will be lost on restart.

Is there an SK that advises on this?

Regards,

Checkpointer

0 Kudos
G_W_Albrecht
Legend
Legend

See sk26202 Changing the kernel global parameters for Check Point Security Gateway:

Global kernel parameters exist to control (customize) the behavior of Security Gateway (kernel parameters are located in the $FWDIR/boot/modules/fw*mod* kernel modules).

On VSX Gateway, value of a kernel parameter applies to all configured Virtual Systems / Virtual Routers (i.e., it is not possible to set a value of a kernel parameter per Virtual System / Virtual Router).

CCSE CCTE CCSM SMB Specialist
checkpointer
Participant

Thanks a mil guys!

G_W_Albrecht
Legend
Legend

But i do think that you really want to set the "sip_expire" kernel parameter.

CCSE CCTE CCSM SMB Specialist
0 Kudos
checkpointer
Participant

Thanks GW, why do you say this?

0 Kudos
G_W_Albrecht
Legend
Legend

Because i do not know a sip_max_reinvite kernel parameter, only sip_expire...

CCSE CCTE CCSM SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events