Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
License_Support
Participant

Extract configuration from rescue mode

firewal.png

 

I have a lab firewall (running as a standalone installation) that had several power failures during a few minutes and ended up in a state where I can not log in to it but it is starting up fine and loading/applying the firewall rules as normal.

I can start it in rescue mode and get access to the shell / Linux but have no clue on how to fix the problem it has with the broken login so instead I want to reinstall it.

The backup I have is several months old ( it is backed up every 3 month ) and I want to save some time by not having to apply all the missing rules and alterations done since the last backup so I would like to get both the "clish -c show configuration" out and also if possible the firewall rules applied.

Does any one here know how that can be done from the rescue boot shell ? 

Regards Keld Norman

 

3 Replies
PhoneBoy
Admin
Admin

In Rescue Mode, the processes required to actually get the configuration won't be available.
It's better to fix the password.

This thread will probably help you: https://community.checkpoint.com/t5/General-Management-Topics/Forgot-admin-password-in-CLI/m-p/56792
TL;DR: In R80.x, you can do it from SmartConsole assuming you have access, in earlier releases you have to use EmergenDisk.
License_Support
Participant

he 🙂 i can fix the password with no problem - but the database was dead.. to many power failures after each other bricket it.

I did a restore and forgot about it again.

However It would be nice to have a method to get the rules and objects etc out when booted in to rescue mode.

It is frustrating to see all the files and data and not be able to "just" run the clish -c "show configuration" and perhaps copy out the database to fix it and extract the data.. 

 

PhoneBoy
Admin
Admin

What's available on the gateway is the compiled policy, which isn't in a form that can be "exported" to some other management.
Check Point Professional Services can help extract this.
It's definitely more complex than you could render via "show configuration."

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events