Re: Extract configuration from rescue mode

License_Support · ‎2020-03-19

I have a lab firewall (running as a standalone installation) that had several power failures during a few minutes and ended up in a state where I can not log in to it but it is starting up fine and loading/applying the firewall rules as normal.

I can start it in rescue mode and get access to the shell / Linux but have no clue on how to fix the problem it has with the broken login so instead I want to reinstall it.

The backup I have is several months old ( it is backed up every 3 month ) and I want to save some time by not having to apply all the missing rules and alterations done since the last backup so I would like to get both the "clish -c show configuration" out and also if possible the firewall rules applied.

Does any one here know how that can be done from the rescue boot shell ?

Regards Keld Norman

PhoneBoy · ‎2020-03-21

In Rescue Mode, the processes required to actually get the configuration won't be available.
It's better to fix the password.

This thread will probably help you: https://community.checkpoint.com/t5/General-Management-Topics/Forgot-admin-password-in-CLI/m-p/56792
TL;DR: In R80.x, you can do it from SmartConsole assuming you have access, in earlier releases you have to use EmergenDisk.

License_Support · ‎2020-04-27

he 🙂 i can fix the password with no problem - but the database was dead.. to many power failures after each other bricket it.

I did a restore and forgot about it again.

However It would be nice to have a method to get the rules and objects etc out when booted in to rescue mode.

It is frustrating to see all the files and data and not be able to "just" run the clish -c "show configuration" and perhaps copy out the database to fix it and extract the data..

PhoneBoy · ‎2020-04-27

What's available on the gateway is the compiled policy, which isn't in a form that can be "exported" to some other management.
Check Point Professional Services can help extract this.
It's definitely more complex than you could render via "show configuration."

Ricki_Juntak · ‎2025-07-29

Hi PhoheBoy,

I face the issue about rescue boot right now for device mho140.

before we upgrade the mho140 from r81.10 to R82 and after that we rollback using the snapshot(auto snapshot) but when revert snapshot finish the mho140 not back to normal: interface show only interface lopback, try reboot the mho140 (hard reboot) cannot boot to OS R81.10 but stuck at rescue boot.

maybe you have suggestion for my issue, I see from SK the grub boot for r81.10 and r82 is different, grub r81 and grub2 r82,

when I try to check the boot location, find error below:

grub rescue> ls
(hd0) (hd0,gpt4) (hd0,gpt3) (hd0,gpt2) (hd0,gpt1) (lvm/vg_splat-lv_current) (lvm
/vg_splat-lv_log) (lvm/vg_splat-lv_fcd_GAIA)
grub rescue> normal
Unknown command `normal'.
grub rescue> ls (hd0,gpt3)
(hd0,gpt3): Filesystem is unknown.
grub rescue>

_Val_ · ‎2025-07-29

@Ricki_Juntak You are asking something completely unrelated to the original post. Also, that post is very old, and the info is obsolete now.

I suggest you open a new discussion in the Maestro space for your issue

Ricki_Juntak · ‎2025-07-29

Thank u Val,

I already create one post on maestro space.

Are you a member of CheckMates?

Extract configuration from rescue mode