Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
HeikoAnkenbrand
Champion Champion
Champion

R80.30 - new interesting commands!

I've been testing R80.30 EA very intensively in the lab over the last few days. Here I have discovered some interesting new commands on CLI. What did you discover that didn't exist before?

Please note that R80.30 is still in the EA phase. It may be that the information does not apply to R80.30 in the GA.

 

More interesting articles:

R80.20 - new interesting commandsR80.20 - new interesting commands 

cp.ankenbrand24.de

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
2 Replies
HeikoAnkenbrand
Champion Champion
Champion

Under R80.30 it is possible to encrypt CCP traffic.  This is very useful to protect the cluster from manipulated CCP packets.  Therefore new commands have been implemented on the CLI for this purpose.

This command also shows the current status “on" or "off” of the CCP encryption on the cluster:


#
cphaprob ccp_encrypt         

clish> show cluster members ccpenc

With the following command the encryption can be permanently enabled on the fly:

# cphaconf ccp_encrypt on


In this way the encryption can be disabled on the fly

# cphaconf ccp_encrypt off

More informations see here:

https://community.checkpoint.com/docs/DOC-3546-r8030-securexl-ccp-encryption 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
C__Morgan
Explorer

nice

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events