Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

Easy Backup Tool

HeikoAnkenbrand
Champion
Champion

asy Backup Tool

Features


This tool creates a backup of all GAIA gateway configurations with one CLI command "ebackup":

Easy backup Tool.JPG

easy_backup_over1a.jpg
- Only one CLI command "ebackup"
- Backup of all Gaia gateway configurations (Check Point appliances, Open Server, SMB appliances 11xx, 14xx)
- Migrate export on SMS
- Migrate-server on MDS
- Backup all files to one TGZ file
- FTP upload support backup file
- CP upload support for backup file via cprid_util

- MDS   > All

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.




80 Replies

sonics
Explorer

Hello Heiko

First many thanks for that great script. i have 3 questions:

1. We also backup our smartevent server with ebackup but because it has no gateway on it ebackup gives the following back:

Backup GAIA config gateways:

Failed -

2. would it be possible to write the results of the ebackup to a log file and than parse that with a monitoring tool to be aware of failed backups?

 

3. we also have a 80.30 MDM to save and when run ebackup it gives me the following error:

MDS

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

sonics
Explorer

Hello all

We have also figured out that with MDM 80.30 and ebackup the path to the migrate export is wrong and we had to set that manually inside the ebackup script. here the infos about it:

original: # $MDS_FWDIR/scripts/migrate_server export -skip_upgrade_tools_check -n -v $RVER $REMOTE_DATEI 2>&1> /tmp/ebackup_migrate ;

changed to: /opt/CPsuite-R80.30/fw1/scripts/migrate_server export -skip_upgrade_tools_check -n -v $RVER $REMOTE_DATEI 2>&1> /tmp/ebackup_migrate ;

 

best rega

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

nils_alfer
Contributor

very nice tool

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Hammar
Participant

Does it work with R81?

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Tedi_Barer
Explorer

Great script.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Nik
Explorer

Hi Heiko,

Thank you for the utility.

Do you plan an option to include only sms without gateways in the backup file?

Also, I found when I run ebackup -v, I see that cpstop/cpstart are still executed. Shouldn't they be executed with -s flag only? I'm running R80.40 in AWS. 

Regards,

Nikolay

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

HeikoAnkenbrand
Champion
Champion

Hi @Nik,

I'll take a look at it in the script.

I have found another small issue with R81. Here the version recognition does not work correctly. I will change this in the script in the next days.

Regards,
Heiko

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Nik
Explorer

Hi Heiko, 

Thank you so much.

Since we're using a Security product, could you also look at the option of copying the backup over scp with user/pass and a certificate or .key file? 😉

Thank you in advance. 

Nikolay 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

msompong
Explorer

Hi @HeikoAnkenbrand ,

First of all I would like to say thank you for your sharing this tool.

Because I'm very new in Checkpoint I have some of question.

- I've just to copy the script to the Checkpoint Smart-1 and then it will be backup the firewall policy and the gateway configuration right?

- I've copied your scrip and run , but I've got the error below How can I resolve it?

 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Infinigate_Sup
Participant

There is a small bug with R81. The version string is not correct! 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

sonics
Explorer

Hello. is there allready a solution that works with R81?

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

sonics
Explorer

Hello Infinigate_Sup. where is that bug and how to solve it?

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

pasoftware
Explorer

Hi Heiko,

 

Thank you very much for sharing this tool.

 

I have copied the script onto an R80.40, and it's giving an error which is attached. This error has also been reported in the Easy View Tool (Easy View Tool - Check Point CheckMates) yet the solution didn't work for me.

Any ideas pls?

 

David

 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

_Val_
Admin
Admin

@pasoftware there is no attachment here. Please use picture icon to add your pic to the post

Screenshot 2021-04-12 at 16.19.51.png

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

pasoftware
Explorer

Sorry for that, error is now attached.

 

Thanks Capture.PNG

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

_Val_
Admin
Admin

Check API is enabled, and the client is in the list of authorised IPs

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

pasoftware
Explorer

Thank you for your help.

However the issue was the port number. I've changed the port number in the script to the one i got from the api status command and its working now.

Thanks again.

 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

_Val_
Admin
Admin

@pasoftware great to know, that would be my second recommendation, to check the port

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Simon_Macpherso
Collaborator

Hi Heiko

Looks interesting.

I see there are a few comments re integrated SCP transfer in to this.  

Has this been added or is it on the roadmap to add?

Also after reviewing the bash script I see this is only targeting simple gateways and servers.

Are you planning on adding support to target simple clusters also?

Regards,

Simon

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Amir_Arama
Collaborator

Hi,

do you have the option to run the ezbackup from mgmt to all GWs at once? i don't want to instal and run it on each gw separately thx

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

moritz_r
Participant

Hi @Amir_Arama, the ebackup script is written to run it on a Management Server too. Just install it on the Management Server and you can use the command "ebackup" to run. It will collect a "migrate_export" and "save configuration" from the management itself and all Gateways. Check the content of the output file in the end and you will see.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos