Yet another SAML issue with web version of smartconsole
Hi
I've tried to configure SAML SSO (with Azure AD) on my management server according to:
https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SecurityManagement_AdminGuid...
SmartConsole app is working fine - when I choose Identity provider, I'm redirected to the web and then correctly logged in.
With the web version, there is no identity provider selection.
When I use the SSO login button from my apps portal, I get the following error after the browser is redirected to [my.domain.name]/cpmws/saml/acs/sso:
ERROR: error processing Saml response, it might be due to time out
Did I miss something in my config? The app version is working fine with it, only web gives me this error...
As for the domain, ENV variable SAML_IP_OR_NAME=[my.domain.name] seems to be added and looks fine (also: the app is working fine with it)
If it's there, it must work. Hate to be beta-tester on GA
Accepted Solutions
You don't see Identity Provider here?
Make sure you're on the latest Web Smartconsole using the command autoupdatercli show (look for mwc in the output) https://support.checkpoint.com/results/sk/sk170314
product-name: mwc
component-name: web_console
component-branch: webconsole_AutoUpdate
GA-Version: 0
download-scheduler-active: true
install-scheduler-active: true
download-action: idle
install-revert-action: idle
installation-date: 2024-10-24_18:59:26
package-branch-name: webconsole_AutoUpdate
package-version: 120
package-name: Check_Point_WEBCONSOLE_AUTOUPDATE_Bundle_T120_FULL.tgz
package-installed: false
package-installable: true
package-previously-installed: true
installation-date: 2024-10-24_19:36:50
package-branch-name: webconsole_AutoUpdate
package-version: 121
package-name: Check_Point_WEBCONSOLE_AUTOUPDATE_Bundle_T121_FULL.tgz
package-installed: true
package-installable: true
package-previously-installed: false
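
An added example, not part of the original post and not Check Point code: a small shell helper that reads `autoupdatercli show` output on stdin and reports which Web SmartConsole (mwc) package version is actually installed. The function names are hypothetical, the sample is an abbreviated copy of the output quoted above, and the parser assumes values contain no spaces.

```shell
#!/bin/sh
# Print the package-version of the installed "mwc" (Web SmartConsole) package.
# Input is split on any whitespace, so it works whether each "key: value"
# pair sits on its own line or the output was flattened onto one line.
# Assumption: values never contain spaces, as in the output quoted above.
installed_mwc_version() {
  awk '
    { for (i = 1; i <= NF; i++) tok[++n] = $i }   # collect every token
    END {
      for (i = 1; i < n; i++) {
        if (tok[i] == "product-name:")    product = tok[i + 1]
        if (product != "mwc")             continue   # skip other products
        if (tok[i] == "package-version:") ver = tok[i + 1]
        # A package record lists its version before its installed flag.
        if (tok[i] == "package-installed:" && tok[i + 1] == "true") found = ver
      }
      if (found == "") exit 1              # no installed mwc package seen
      print found
    }'
}

# Sample input: abbreviated copy of the output posted in the thread.
sample_output() {
  cat <<'EOF'
product-name: mwc
component-name: web_console
installation-date: 2024-10-24_18:59:26
package-version: 120
package-name: Check_Point_WEBCONSOLE_AUTOUPDATE_Bundle_T120_FULL.tgz
package-installed: false
installation-date: 2024-10-24_19:36:50
package-version: 121
package-name: Check_Point_WEBCONSOLE_AUTOUPDATE_Bundle_T121_FULL.tgz
package-installed: true
package-installable: true
EOF
}

# On the management server this would be: autoupdatercli show | installed_mwc_version
sample_output | installed_mwc_version
```
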
@PhoneBoy wrote:
You don't see Identity Provider here?
Make sure you're on the latest Web Smartconsole using the command autoupdatercli show (look for mwc in the output) https://support.checkpoint.com/results/sk/sk170314
product-name: mwc
component-name: web_console
component-branch: webconsole_AutoUpdate
GA-Version: 0
download-scheduler-active: true
install-scheduler-active: true
download-action: idle
install-revert-action: idle
installation-date: 2024-10-24_18:59:26
package-branch-name: webconsole_AutoUpdate
package-version: 120
package-name: Check_Point_WEBCONSOLE_AUTOUPDATE_Bundle_T120_FULL.tgz
package-installed: false
package-installable: true
package-previously-installed: true
installation-date: 2024-10-24_19:36:50
package-branch-name: webconsole_AutoUpdate
package-version: 121
package-name: Check_Point_WEBCONSOLE_AUTOUPDATE_Bundle_T121_FULL.tgz
package-installed: true
package-installable: true
package-previously-installed: false
I'm still on R81.20 and won't update soon, if that matters
If it's there, it must work. Hate to be beta-tester on GA
@PhoneBoy @Ofir_Calif thanks for the help - it appeared that we used the wrong link (BTW why does Check Point still support /smartview/?)
For /smartconsole/ it works 🙂
In my defense - I always avoided web consoles if possible - only the infrastructure team sometimes uses the logs to search who to blame 😉
If it's there, it must work. Hate to be beta-tester on GA
SmartView does not support SAML authentication, correct.
Try Web SmartConsole.
While it does not have feature parity with the installed SmartConsole, it provides many of the day-to-day operations and better performance, and we are constantly improving it.
@Ofir_Calif @PhoneBoy
How could I access SmartView now? It seems it neither supports the Web version nor allows SAML login to the app...
First Check Point ruined RADIUS functionality by refusing to patch protocol vulnerabilities, and now after switching to SAML, we are unable to use important functions (unless we use our breakglass account).
I need some network stats while diagnosing a performance issue (same goes with SmartUpdate and old config in Smart Dashboard - like QoS and HTTPS Inspection for incoming traffic..)
If it's there, it must work. Hate to be beta-tester on GA
Though it is clearly taking a bit longer to get Blast RADIUS fixes rolled out, we haven't "refused" to do so.
The Blast RADIUS SK was updated earlier this week with new information: https://support.checkpoint.com/results/sk/sk182516
Still no word on exactly when it will be included in a JHF.
We had to remove the RADIUS hotfix to be able to upgrade to the new take 😞
Also it's a pity that migrating R77 consoles is taking CP soooo long - maybe some consolidation will do better than inventing new stuff for R82? 😉
If it's there, it must work. Hate to be beta-tester on GA
Adding stuff in SmartConsole is a bit more complicated than just reimplementing the UI in a different application.
HTTPS Inspection is now completely in SmartConsole (and has APIs) in R82...all while implementing new functionality.
There are a lot more APIs now in R82 as well.
Hi @Zerat,
if you need to access SmartView in your browser using SAML authentication you can use Web SmartConsole at
https://<MGMT-IP>/smartconsole.
Thanks,
Ofir
Hi @Ofir_Calif
Could you guide me to where I could find SmartView Monitor or SmartUpdate in the web /smartconsole/?
It's at least non-intuitive 😉
Regards
Zerat
If it's there, it must work. Hate to be beta-tester on GA
Hi @Zerat,
Web SmartConsole supports SmartView, the same way you use it at https://<ip>/smartview
SmartUpdate and "SmartView monitoring" are not web applications, so they are not part of Web SmartConsole.
Thanks,
Ofir.
Yet, I need SmartView monitoring and SmartUpdate functionalities with modern authentication.
Especially the first one, which we use quite often for troubleshooting gateway issues.
Those consoles remember R77 (along with SmartDashboard - still required for some functionalities) - when will Check Point finally migrate the functionality to modern consoles/web apps?
It's ridiculous behavior for the vendor to leave so much old mess...
If it's there, it must work. Hate to be beta-tester on GA
In general, the infrastructure leveraged by apps other than SmartConsole is older (fwm versus cpm) and wasn't designed with REST in mind.
In many cases, the functionality of these old apps has already been reimplemented, albeit in a different form.
In R82, we've added a lot more functionality in the API and eliminated one reason to need SmartConsole (HTTPS Inspection).
As far as I know, the only SmartUpdate functionality that hasn't been reimplemented in SmartConsole (as of R81.20) is offline contract updates (which I think can be handled via CLI).
SmartView Monitor...what specific things are you looking at there?
Most stats/monitoring can be found in cpview and/or Skyline.
Hi @PhoneBoy
OK, some stats could be viewed from deep gw properties in SmartConsole.
But how about resetting site-to-site IKE tunnels on both sides?
It happens to us from time to time as we have offices in quite a few countries.
We were using SmartView Monitor for this...
Regards
Zerat
If it's there, it must work. Hate to be beta-tester on GA
SmartConsole does not have the ability to reset VPN tunnels natively.
Perhaps this functionality could be coded as a SmartConsole Extension, but I don't believe one exists currently.
In any case, it's possible with the CLI (e.g. vpn tu) to the relevant gateways.
