- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Imagine a Life Cycle Management project where you have to upgrade a VSX gateway with new hardware. Imagine a crashed VSX gateway you need to reinstall whether it is on the same or RMA hardware. Imagine you are upgrading a VSX gateway and need to log a baseline with current BGP peering and all routes of all Virtual Systems. Are you in control and do you know which configuration files were added or modified in VS0 or all other Virtual Systems so you can easily add them back?
vsxexport.sh is my attempt to make it all easier. It reached version 1.0 so it was time to release it to the community.
This script will do the following for you:
GitHub repository: https://github.com/Rick-Hoppe/vsxexport
Changelog
0.1 Initial script
0.2 Display status on screen
0.3 Implemented new method to find Virtual System IDs
0.4 Extra Clish commands added to Clish script and added Affinity + Multi-Queue settings
0.5 Modified output format (splitted conf and log files)
0.6 Rewritten backup of VSes other than VS0
0.7 Fix: -i option added to Clish batch command to ignore failures
0.8 Fix: Cleanup temporary files and added "set virtual-system" to export of Clish config per Virtual System
0.8.1 Export Clish config of all Virtual Systems (other than VS0) to VS-all.config
0.9 Added support for 3.10 kernel
0.9.1 Implemented some "QA" fixes before 1.0 release of this script
1.0 Public release 1.0
1.0.1 Output of other Virtual Systems now have same style as output of VS0
1.0.2 Added commands starting with "set prefix-" to export of Clish config per Virtual System
1.0.3 Added commands starting with "set bootp" to export of Clish config per Virtual System
1.0.4 Added commands starting with "set route-redistribution" to export of Clish config per Virtual System
1.0.5 Added commands starting with "add arp" to export of Clish config per Virtual System
Added commands starting with "set max-path-splits" to export of Clish config per Virtual System
Added commands starting with "set inbound-route-filter" to export of Clish config per Virtual System
Added commands starting with "set pbr" to export of Clish config per Virtual System
Minor change in CoreXL status check
1.1 Added self-update mechanism
1.2 Added status of Dynamic Balancing
Added status of SecureXL Fast Accelerator
Log information about interfaces
Imagine a Life Cycle Management project where you have to upgrade a VSX gateway with new hardware. Imagine a crashed VSX gateway you need to reinstall whether it is on the same or RMA hardware. Imagine you are upgrading a VSX gateway and need to log a baseline with current BGP peering and all routes of all Virtual Systems. Are you in control and do you know which configuration files were added or modified in VS0 or all other Virtual Systems so you can easily add them back?
vsx
...;Thanks! I always prefer to have a recent CPInfo file available to be able to view all important files, command outputs and other details of a VSX system in DiagnosticsView.
Thanks! I always prefer to have a recent CPInfo file available to be able to view all important files, command outputs and other details of a VSX system in DiagnosticsView.
;CPInfo contains so much information that for me it's like finding a needle in haystack, which costs more time in the end. I've used the vsxexport script several times when reconfiguring VSX gateways and it saved me a lot of time while preparing for those maintenance windows.
CPInfo contains so much information that for me it's like finding a needle in haystack, which costs more time in the end. I've used the vsxexport script several times when reconfiguring VSX gateways and it saved me a lot of time while preparing for those maintenance windows.
;CPInfo indexes all files and command outputs to allow quick searches.
Also it has customizable layouts so you don't have to find the need in a haystack once you customized it for VSX.
Great Work!
PS
please correct me. in case using bootp ( dhcp relaying ) - with yours's script information per vs regarding relaying dhcp settings will be missed .
Hi @YuriyAnoshyn,
Thanks for the feedback. You are referring to the 'set bootp' commands right? I will include them in the next version. If you know more commands that are not included yet, please do let me know.
Hi @YuriyAnoshyn,
Thanks for the feedback. You are referring to the 'set bootp' commands right? I will include them in the next version. If you know more commands that are not included yet, please do let me know.
Hi,
What a fantastic script you have made! I noticed that it doesn't pick up route-redistributions, though. Is this intentional, or is it possible to add?
Kind regards
Claes
Hi @Claes_Olsson2 ,
It was not intentional so I added it to version v1.0.4 which is now available. Thanks for the feedback.
Hi @Claes_Olsson2 ,
It was not intentional so I added it to version v1.0.4 which is now available. Thanks for the feedback.
;Hi Rick,
Very nice script indeed. I also have and information gathering script. For the per vs information gathering, I would like to suggest to also include "add arp", "set max-path-splits", "set inbound-route-filter" and "set pbr".
Kind Regards,
Eamon Jones
Hi Rick,
Very nice script indeed. I also have and information gathering script. For the per vs information gathering, I would like to suggest to also include "add arp", "set max-path-splits", "set inbound-route-filter" and "set pbr".
Kind Regards,
Eamon Jones
;Version 1.1 has been published an includes a self-update mechanism. It will check for new versions in the GitHub repository when the script is launched. If a new version is available it will be downloaded, installed, and started. If the check fails for some reason it will display a FAILED message and continues with the rest of the script.
Version 1.1 has been published an includes a self-update mechanism. It will check for new versions in the GitHub repository when the script is launched. If a new version is available it will be downloaded, installed, and started. If the check fails for some reason it will display a FAILED message and continues with the rest of the script.
;'set bootp' is added since version 1.0.3 and should be backupped if you downloaded version 1.1 today. I've doublechecked it in my lab on R80.40 VSX and 'set bootp' commands in VS1 were backupped successfully.
If it still does not work I need more details about your environment.
'set bootp' is added since version 1.0.3 and should be backupped if you downloaded version 1.1 today. I've doublechecked it in my lab on R80.40 VSX and 'set bootp' commands in VS1 were backupped successfully.
If it still does not work I need more details about your environment.
Hi Rick,
I was running on VSX R81 from a TACACS authenticated user and the problem was that the script did not change VS when executing the command 'clish -i -f cmd_file'
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY