- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
I recently got into administrating our Checkpoint Gaia Firewall which currently is on version R81. I would like to upgrade it to R81.10, however I would like to do it in a fresh virtual machine, not via upgrade.
I tried to do
migrate export FWconfig.tgz
and
migrate import FWconfig.tgz
on the new VM, however it said it can't import anything that was created on a previous Gaia Version. Only same version.
I then found
save/load configuration <filename>
Which looks really good, but that "only" contains the configuration. I would like to have all my objects etc. too
Is there a way to export the configuration and also all the objects - basically everything - from Gaia to a newer Gaia Version?
You are using the legacy migration tools, which are only supported to migrate to/from same version.
These are the new tools to use: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
To make sure, are you migrating SmartCenter Server or a Security Gateway?
If its ONLY firewall part, then simply do show configuration and copy over the config output to new machine. If its mgmt server, then yes, you can do migrate export, or migrate server starting R80.20.
@the_rock , bad idea. Copy/paste config can play havoc with migrating Gaia config.
On source GW, save configuration <filename> should be executed.
On destination, you should use:
set clienv on-falure continue
load configuration <filename
when successfully completed (you may see iterating counter as lines are being processed), run
set clienv on-failure stop
then,
save config
With all due respect @Vladimir , I disagree. I had done it way I mentioned countless times and never ever had a single issue. Not saying your way is wrong though : - )
There is an sk somewhere that describes the process, but I am speaking from experience of actually stepping on this rake myself a few times in the past.
In relatively simple configurations, copy/paste may very well work.
In a more complex ones, you'll be able to paste, but look out for errors processing some of the lines.
It seems that in version R81 (and presumably later), we may actually use "save configuration <filename>" and "load configuration <filename>" without changing clienv settings, but until few months ago, I was still moving large clients from R77.30 using described method.
Thats fair...Im type of mentality "whatever works, as long as nothing breaks" brother : - )
In my case (many years ago) it did though 🙂
I recall comparing resultant config to the original one and seeing chunks of it missing.
sk102234 Backing up Gaia system level configuration :
To create the configuration file, use the following procedure:
HostName > save configuration <filename>
This will create a file with your current system level configuration in the home directory of the current user.
For example, if logged in as "admin", the file will be located in /home/admin.
To load the configuration, use the following procedure:
Run Gaia First time configuration Wizard first when loading the configuration to a Gaia fresh installed device.
Copy the file into the home directory of the user you will log in as.
For example, if you will log in as "admin", put the file in /home/admin.
Log in to the Security Gateway or Security Management server.
Run the following command using the name of the configuration file.
A message will display showing the current progress and any errors that are encountered.
Then save config to commit the changes:
HostName > set clienv on-failure continue
HostName > load configuration <filename>
HostName > set clienv on-failure stop
HostName > save config
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY