Hi CheckMates,
I am Rajesh, working as Security Engineer.
Recently we upgraded our CheckPoint appliance from R77.30 to R80.10.
We use EXPECT script in our application to login the CheckPoint device as an admin user and change it to "expert" mode to do further changes in the configurations.
This process of changing into "expert" mode from normal ( CLI ) mode used to work perfectly with previous versions of CheckPoint, but is failing with R80.10.
It get stuck at the Password prompt for "expert" in R80.10 though it used to work with previous versions as I said above.
$ ./cpR80.exp aa.bb.cc.dd admin '*********'
spawn ssh admin@aa.bb.cc.dd
This system is for authorized use only.
admin@aa.bb.cc.dd's password:
Last login: Tue Dec 26 09:57:47 2017 from 10.0.xx.xx
cartier> lock database override
CLICMD0201 Config lock is already turned on.
cartier> expert
Enter expert password:
<<Here this should enter into expert mode, but it is not changed>>
EXPECT script for your reference:
$ cat cpR80.exp
#!/usr/bin/expect
set timeout 60
spawn ssh [lindex $argv 1]@[lindex $argv 0]
expect "yes/no" {
send "yes\r"
expect "*?assword" { send "[lindex $argv 2]\r" }
} "*?assword" { send "[lindex $argv 2]\r" }
expect "*>" { send "lock database override\r" }
expect "*>" { send "expert\r" }
expect "*word:" { send "[lindex $argv 2]\r" }
interact
Can anyone help here on how to troubleshoot this issue or shed some more light if anybody faced the same issue just in case.
Thanks,
Rajesh