This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
stallwoodj
Collaborator
Collaborator
‎2024-11-01 06:56 AM
Jump to solution

Can't Install R82 on VMware 6.7

Hi,

I've just completed the FTW for a build of R82 T777 on my ESXi 6.7 machine, and now the firewall just crashes on boot. Same messages going round and round.

The VM has 8GB and 6 CPU's, with 4 NICs with OS type "Other 4.x 64-bit". The guest was configured to be an ElasticXL cluster member running vsnext.

A build of R82 to be a primary manager worked just fine. Any help appreciated 🙂

Thanks

Jamie

Preview file
22 KB
0 Kudos
1 Solution

Accepted Solutions
JozkoMrkvicka
Authority
Authority
‎2024-11-01 03:44 PM
In response to stallwoodj
Jump to solution

According to the R82 Release Notes, ElasticXL is NOT supported on Open Servers. ElasticXL Cluster supports only Check Point appliances that have the dedicated ports called "Mgmt" and "Sync".

According to the R82 Release Notes, VSNext is NOT supported on Open Servers. 

Why it is even possible to select these options on VM during FTW, is another question...

Kind regards,
Jozko Mrkvicka

View solution in original post

16 Replies
the_rock
MVP Gold
MVP Gold
‎2024-11-01 07:42 AM
Jump to solution

Can you change the nic type as below? I know this is eve-ng, but not sure if same option can be set in vmware.

Andy

 

 

Screenshot_1.png

 

0 Kudos
stallwoodj
Collaborator
Collaborator
‎2024-11-01 07:49 AM
In response to the_rock
Jump to solution

Hi Andy,

NICs are already vmxnet3, have attached the settings spec.

Preview file
68 KB
0 Kudos
the_rock
MVP Gold
MVP Gold
‎2024-11-01 07:53 AM
In response to stallwoodj
Jump to solution

I remember once I had similar issue with vmware and had to change controller type. We got rid of vmware, as we found eve-ng is so much better, so dont sadly ability to test this for you, sorry : - (

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2024-11-01 08:32 AM
In response to the_rock
Jump to solution

Funny enough, I just switched my internal lab to Promox from VMware ESXi 7 🙂
Since I had to do the switch on the same hardware, I converted the VMs to qcow2 and tested them on a different system running KVM.
It's all...a bit different, but at least the underlying Linux is actually usable and a whole lot easier to upgrade than VMware. 🙂

the_rock
MVP Gold
MVP Gold
‎2024-11-01 08:59 AM
In response to PhoneBoy
Jump to solution

Totally agree!

Btw, @stallwoodj 

See if below video helps. I know its R80.40, but worth checking out the settings.

Andy

https://community.checkpoint.com/t5/Management/How-to-install-check-point-mgmt-in-vmware-workstation...

0 Kudos
PhoneBoy
Admin
Admin
‎2024-11-01 08:24 AM
Jump to solution

You should be specifying RHEL 8.x as the VM type, I believe.

stallwoodj
Collaborator
Collaborator
‎2024-11-01 09:03 AM
In response to PhoneBoy
Jump to solution

Hi Dameon,

Tried that, still getting the same error on boot. 

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2024-11-01 03:44 PM
In response to stallwoodj
Jump to solution

According to the R82 Release Notes, ElasticXL is NOT supported on Open Servers. ElasticXL Cluster supports only Check Point appliances that have the dedicated ports called "Mgmt" and "Sync".

According to the R82 Release Notes, VSNext is NOT supported on Open Servers. 

Why it is even possible to select these options on VM during FTW, is another question...

Kind regards,
Jozko Mrkvicka
the_rock
MVP Gold
MVP Gold
‎2024-11-01 04:17 PM
In response to JozkoMrkvicka
Jump to solution

Great point. I totally overlooked the fact it was elasticxl in the description.

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2024-11-04 06:23 AM
In response to JozkoMrkvicka
Jump to solution

I believe the plan is to support these options in a JHF.
Meanwhile, for lab purposes, you can likely make this work.

the_rock
MVP Gold
MVP Gold
‎2024-11-01 05:53 PM
Jump to solution

Hey @stallwoodj 

I dug a little further about previous posts made about elastic xl and found below, but not sure it might be useful here, since I made post asking about sync issue with elasticxl in eve-ng, but you can check out what @shais gave as a solution, though if your vm is not even booting up, cant even check it. Let me see if there are any colleagues that can possibly test this somehow on vmware.

Andy

 

https://community.checkpoint.com/t5/Security-Gateways/R82-elasticXL-lab/m-p/220708/emcs_t/S2h8ZW1haW...

Also, maybe below may help, if there is a setting for promiscuous mode in vmware, you may want to disable it.

https://community.checkpoint.com/t5/Security-Gateways/R82-lab-with-ElasticXL/m-p/219578#M41986

0 Kudos
Niels_van_Sluis
Contributor
‎2024-11-02 06:57 AM
Jump to solution

Maybe it's not supported. But it seems to be working on ESXi 8.0 Update 2. I've used the following configuration:

  • CPU: 2vCPUs
  • Memory: 16GB
  • Hard disk 1: 110GB
  • SCSI Controller 0: LSI Logic SAS
  • 3x Network adapter: VMXNET 3

First installation failed. The security gateway didn't start. Messages about 'ckp: Loading FW-1 IPv4 Instance 0: failed'. Then I started with the config above.

r82-esx.png

 

 

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2024-11-02 07:13 AM
In response to Niels_van_Sluis
Jump to solution

Im sure these things can be done and workaround applied, but then again, I would never encourage anyone doing it in production, specially if official vendor document states its not supported.

Andy

0 Kudos
Niels_van_Sluis
Contributor
‎2024-11-02 07:17 AM
In response to the_rock
Jump to solution

I agree, I wouldn't run it in production. But it sure helps if these new features can be run in my home lab.

the_rock
MVP Gold
MVP Gold
‎2024-11-02 07:17 AM
In response to Niels_van_Sluis
Jump to solution

100%

0 Kudos
ShaiF
Employee
Employee
‎2024-11-02 11:35 PM
Jump to solution

Hi @stallwoodj ,

ElasticXL/VSNext is not supported officially for production.

BUT We do encourage using VMs for it on Labs for demos/training/playing....

In most cases installing on VMs should work out of the box.

I guess you have some specific issue related to your ESX. If you did not manage to overcome it you can send me private message and i can try assist.

Regards,

Shai.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events