This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Martijn
Advisor
Advisor
‎2025-07-02 08:11 AM
Jump to solution

Brand new appliance with non-default IP on Mgmt interface

Hi all,

Last week I was installing a brand new 9300 appliance and tried to follow the First Time Wizard.
The NIC of my laptop was 192.168.1.2 and I could not connect to 192.168.1.1.
Checked to see if something was wrong with the laptop or cable, but all was OK.

Connected via console and could connect with the default username and password. Found out the IP-address of the Mgmt port was 10.x.x.x and not 192.168.1.1. Customer told me they did not do anything with the appliance. Only take it out of the box for configuration.

I performed a Factory Reset, but the 10.x.x.x IP-address remained as the Mgmt IP. Via console I changed the IP to 192.168.1.1 and could finish the First Time Wizard, but is strange a brand new appliance does not have the default 192.168.1.1 IP.

I opened a ticket with Check Point support. Maybe they can explain this.

Has anyone seen this before?

Regards,
Martijn

Labels
0 Kudos
2 Solutions

Accepted Solutions
JozkoMrkvicka
Authority
Authority
‎2025-07-02 01:29 PM
Jump to solution

9300 appliance supports only dedicated ISO for R81.20 and general R82 as factory image.

Based on Quantum Force 9000 Appliances Quick Start Guide, the MGMT interface of all 9000 appliances should have IP of 192.168.1.1 by default.

ISOmorphic tool supports modifying default IPv4 address based on appliance's MAC address of MGMT interface. When restoring the appliance to factory defaults that you installed using the ISOmorphic tool, the Gaia OS uses the default values based on the advanced parameters you configured in ISOmorphic tool in the Appliance Configuration window - Product, SIC key, Hostname, IPv4 address, IPv4 Subnet mask, IPv4 Default gateway, OS password.

If correct ISO for supported version and no advanced configuration within ISOmorphic was used during re-imaging on 9300 appliance, then something stinks here why IP is not default one...

Kind regards,
Jozko Mrkvicka

View solution in original post

(1)
Martijn
Advisor
Advisor
‎2025-07-02 10:36 PM
Jump to solution

Hi all,

Got an answer from a Team Manager at TAC. See below:

-----
We can confirm that the reason for the wrong IP is due to an issue on our side during the FCD image original installation.
We recently encountered an issue during the ISO installation that caused the FCD image to not rewrite the IPs.

This issue was already fixed on our side, so it should not re-occur in the future.

In addition, each machine is going through several tests in the factory, and the IP 10.x.x.x might be a part of those tests since, when looking at the sales record, this looks to be a brand new machine and not part of an RMA from the past.
-----

The advice was to re-image the appliance with a USB to bypass the FCD image installed on the appliance.

A mystery solved!!

Regards,
Martijn


View solution in original post

10 Replies
the_rock
Legend
Legend
‎2025-07-02 10:08 AM
Jump to solution

Maybe @PhoneBoy can confirm this, but I am fairly positive that 192.168.1.1 was always the default IP for any CP appliance out of the box. Personally, I had never seen what you experienced.

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2025-07-02 11:27 AM
In response to the_rock
Jump to solution

That may no longer be the case in current versions (192.168.1.1 being the "default" IP for an appliance OOTB).

0 Kudos
the_rock
Legend
Legend
‎2025-07-02 11:58 AM
In response to PhoneBoy
Jump to solution

I still find that odd, because I was helping 2 customers recently with 9300 models and 192.168.1.1 was definitely default IP out of the box.

Andy

0 Kudos
the_rock
Legend
Legend
‎2025-07-02 12:00 PM
In response to PhoneBoy
Jump to solution

I know we should not trust AI for these things, but even AI copilot indicated when I asked about this that default IP is indeed 192.168.1.1. @Martijn super curious what TAC tells you.

Andy

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2025-07-02 01:29 PM
Jump to solution

9300 appliance supports only dedicated ISO for R81.20 and general R82 as factory image.

Based on Quantum Force 9000 Appliances Quick Start Guide, the MGMT interface of all 9000 appliances should have IP of 192.168.1.1 by default.

ISOmorphic tool supports modifying default IPv4 address based on appliance's MAC address of MGMT interface. When restoring the appliance to factory defaults that you installed using the ISOmorphic tool, the Gaia OS uses the default values based on the advanced parameters you configured in ISOmorphic tool in the Appliance Configuration window - Product, SIC key, Hostname, IPv4 address, IPv4 Subnet mask, IPv4 Default gateway, OS password.

If correct ISO for supported version and no advanced configuration within ISOmorphic was used during re-imaging on 9300 appliance, then something stinks here why IP is not default one...

Kind regards,
Jozko Mrkvicka
(1)
the_rock
Legend
Legend
‎2025-07-02 06:48 PM
In response to JozkoMrkvicka
Jump to solution

It will still be interesting to see what answer TAC gives...that is indeed a strange one.

Andy

0 Kudos
Lesley
Authority Authority
Authority
‎2025-07-02 01:30 PM
Jump to solution

Quick start guide for the 9000 serie appliances indeed state IP 192.168.1.1

https://dl3.checkpoint.com/paid/a3/a3fafcb16f662d1185eedf0ade2127ab/CP_9000_QSG_21.2.24.pdf?HashKey=...

 
 
 

screen.jpg

 Maybe the factory image was put via ISOmorphic and they still had an IP configured in Options menu ->

Lesley_3-1751486407194.png

Not sure how they put factory image on a box at check point of course, just check if the other units also have this issue. I suspect someone install image with build in config via this tool. There you can set some basic config. Maybe something like this got messed up. 

 

screen2.jpg

The image you put with ISOmorphic will become the factory image as far as i know

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
Martijn
Advisor
Advisor
‎2025-07-02 10:36 PM
Jump to solution

Hi all,

Got an answer from a Team Manager at TAC. See below:

-----
We can confirm that the reason for the wrong IP is due to an issue on our side during the FCD image original installation.
We recently encountered an issue during the ISO installation that caused the FCD image to not rewrite the IPs.

This issue was already fixed on our side, so it should not re-occur in the future.

In addition, each machine is going through several tests in the factory, and the IP 10.x.x.x might be a part of those tests since, when looking at the sales record, this looks to be a brand new machine and not part of an RMA from the past.
-----

The advice was to re-image the appliance with a USB to bypass the FCD image installed on the appliance.

A mystery solved!!

Regards,
Martijn


the_rock
Legend
Legend
‎2025-07-03 05:05 AM
In response to Martijn
Jump to solution

Thanks for letting us know @Martijn 

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2025-07-03 01:12 PM
In response to Martijn
Jump to solution

well, does it mean there is no validity check during FCD on new appliances if there was no custom configuration (or even scripts) baked as part of FCD ?

There should be some way to do "default" FCD even if machine was reimaged using custom option within ISOmorphic tool. Or at least notify user if modified FCD is about to be restored.

Kind regards,
Jozko Mrkvicka
(1)

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events