Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ricky_Wong
Participant

Is that possible to have a Notebook with R80.10 installed and able to use the WIFI interface as MGT port?

Hi all,

Might be a crazy idea, but this does help me.

We are going to promote Check Point products to client via providing a Free Health Security check using R80.10 appliance / VM open server.

But in a few strict forward case, client has no VM and we get no Appliance.

Of course, we might ship and loan a server or PC for this purpose, well, but you know not always easy to do this.

So, I think that I can have my notebook as a CheckPoint, and generally we get two network interface on a notebook - WIFI and Rj45. Supposed WIFI is for MGT and Rj45 is in monitor mode as SPAN, everything works smoothly and slightly.

I do hope someone can share me the similar solution and make this things great.

Thanks.

0 Kudos
5 Replies
Jerry
Leader
Leader

"I can have my notebook as a CheckPoint"

that's a nice sentence !

but back to your question:

1. if you can handle your laptop's interface's configuration (routing wise)

2. if you can handle virtualisation of Security Gateway and Management all-in-one VM

3. if you can handle your processing power on your laptop ... manage it well in order to distribute resources so that you can use your laptop normally apart from the VM and it's NIC's associations ...

this may theoretically work. I've seen it working on Tom's Kendrick's (old UK SE) once I was working with him years ago but as far as I remember this was purely done by CP SE so not sure you'll be able to beat that Smiley Happy

Customisation of your laptop though seem inevitable hence my concerns whether it is actually worth a hassle.

Alternative option would be to have small appliance, made all-in-on and hooking it up to the Customer's network.

that would probably set your laptop free and you can demonstrated whatever you need to demonstrate to the customer utilizing little device instead.

think about it, all depends on a budget (licensing wise I think you know you can have 30 days free evals) etc.

good luck and hope it clarifies things a little.

Jerry

Jerry
Vladimir
Champion
Champion

I am using my laptop for PoC builds and lab work all the time and I do not see a problem with what you are describing.

Except what is the reason for designating WiFi for Management? 

I'd keep the management server on "Host Only" network and access it from the SmartConsole running in base OS.

If your requirement is for the client to be able to connect to the management using SmartConsole installed on their networks, then why not use 2xRJ usb adapter for networking (with power savings settings disabled)?

This is the one I've been using for the past 2-3 years (10/100/1000).

Ricky_Wong
Participant

Actually, when I fresh install the R80.10 on my Notebook.

I find two network card on the Machine info:

My WIFI card is eth

And the RJ45 Lan is eth0.

After the installtion donw, only the eth0 appear in the Gaia  .... 

That is what I am trying to ask and use my eth back ~

0 Kudos
Vladimir
Champion
Champion

Do I understand you correctly that you are trying to install Gaia DIRECTLY on your notebook as an All-In-One?

This is clearly unsupported and the results, even if you'll make it work will not be reliable.

I am pretty sure that your notebook is not on CheckPoint's HCL Smiley Happy

I suggest using either VMware Workstation or, prepare the deployment on workstation and deploy it on VMware player on the notebook.

You can even keep management and GW separate in this case.

Just keep in mind these questions:

How many networks have you defined in the VMware workstation?

How many Network Adapters have you assigned to the VM you are provisioning for Gaia?

Is the network you are creating for Management defined as "Bridged" in the VMware Network Editor?

Ricky_Wong
Participant

OH yes, VMware Workstation is the right thing.

I now let the CheckPoint eth0 Management port connect to the VMnet8.

So is the Checkpoint default route right here.

Then share my WIFI network connection to that VMnet8 is ok. But we have to disable the Windows Firewall also, as the DNS incoming traffic back to CP will be blocked.

And my remain physical Lan port just let the CheckPoint Eth1 using VM to replicate its physical connection.

Start the monitor mode in Checkpoint eth1 and the traffic log is now right here. OMG.

This is what I want, and I am able to have a "EASY" checkpoint for every client now.

Many thanks.
0 Kudos