This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sajenthiran_Mic
Contributor
‎2019-05-23 04:02 AM

LOM settings - Direct acces onto Remote Console

We have multiple  5000 Appliance and to have a more direct way to access "Remote Console". Currently we have to login per https on to the LOM  - Management Interface. And start JViewer to access Remote Console.

I am looking for alternative.  I used  on openserver to use vnc to access directly the Remote console Window!!

How can i start the "Remote Console" using different Tool? I would prefer not to use a Webbrowser...

11 Replies
Vladimir
Champion
Champion
‎2019-05-23 07:22 AM

@Sajenthiran_Mic , the function of LOM is to provide the control of the appliance even in powerdown state, so long as it is power cords are connected. It is not simply a redirect of the console, but a means of hardware diagnostics, remote ISO mounting and rebuild, etc.

Console redirect is only one of its functions and in Check Point's case it does rely on .jnlp download and execution.

If you are simply looking to have remote console access with no advanced management capabilities, I suggest using Console Servers such as the one of the models described here:

https://www.perle.com/products/iolan-sds-terminal-server.shtml

Which will allow you to configure custom SSH port redirect to the console of the appliances.

On a side note, it is a high time for Check Point to redesign the LOM modules to allow SSH redirect to serial, remove Java dependency and replace it with HTML5 interface. 

Tommy_Forrest
Advisor
‎2019-05-23 12:10 PM
In response to Vladimir

LOM is so helpful.  But dang.

It's 2019.  Why are we still being forced to use Java for stuff like this?

JozkoMrkvicka
Mentor
Mentor
‎2019-05-23 12:16 PM
In response to Tommy_Forrest

Yes, we are living in 2019 and LOM is still only 100 MB interface ...

Not to mention, that the newest Smart-1 devices don't have LOM interface at all. The documentation says this "feature" will be added later ... ridiculous...

Kind regards,
Jozko Mrkvicka
0 Kudos
Tommy_Forrest
Advisor
‎2019-05-23 12:19 PM
In response to JozkoMrkvicka

I mean, a 100MB interface in-and-of-itself isn't a giant gaping security hole.

And a browser doesn't care if it is a 100MB interface.  At least it (unlike Java in modern browsers) will still work.

0 Kudos
JozkoMrkvicka
Mentor
Mentor
‎2019-05-23 12:36 PM
In response to Tommy_Forrest

LOM can be used to mount ISO and perform a clean installation using LOM interface. If this is a case, you will upload 3 GB file over 100 MB interface.... just calculate how long it will take 🙂

Kind regards,
Jozko Mrkvicka
0 Kudos
Tommy_Forrest
Advisor
‎2019-05-24 07:46 AM
In response to JozkoMrkvicka

About 4 minutes.

0 Kudos
Daniel_Kavan
Advisor
‎2022-05-09 05:18 AM

It's 2022 .....and still using Java Console.    The windows security team has removed Oracle Java 8 & I can no longer remote in.   Is there any Java alternative?  So far testing with Temurin JDK 17 & JRE 11 with no luck.  html5 would be great.

0 Kudos
Dolev
Employee
Employee
‎2022-05-09 05:28 AM
In response to Daniel_Kavan

Hi,

There is HTML5 based LOM for Quantum appliances: https://community.checkpoint.com/t5/Product-Announcements/Introducing-new-HTML5-LOM-for-Quantum-appl...

0 Kudos
Tommy_Forrest
Advisor
‎2022-05-09 05:29 AM
In response to Daniel_Kavan

The new Quantum series appliances will either ship with the new LOM card or you can order it if it is an older Quantum appliance (support for the new LOM card came out with the Quantum series gateways, but Check Point was a little slow getting them and many of the early Quantum gateways didn't come with the new LOM card automagically).

The new LOM cards support HTML5.

Chris_Atkinson
Employee Employee
Employee
‎2022-05-09 08:40 PM
In response to Daniel_Kavan

Depending on your appliance model you may still have to use Java, but not necessarily Oracle per sk147153.

CCSM R77/R80/ELITE
Daniel_Kavan
Advisor
‎2022-05-10 05:07 AM
In response to Chris_Atkinson

Thanks everyone.   I was able to get in with IcedTea and Java 8.

http://icedtea.wildebeest.org/download/icedtea-web-binaries/1.8/windows/

Temurin AdoptOpenJDK 8 JRE

 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events