Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LeeBingKang
Advisor
Jump to solution

Proper way to insert license to a Gaia OS security gateway that manage by Smart1-Cloud

Hi All,

 

I would like to seek your advice on the proper way to insert license on a Gaia OS security gateway that managed by Smart1 Cloud and the whole story is like this:

 

Recently, I had a project whereby upgrade and split a standalone firewall into distributed mode (managed by smart1-cloud).

Upgrade process done successfully and the firewall able to establish MaaS tunnel and also SIC to the smart1-cloud.

However, we faced a minor roadblock on the insert license whereby we don't know which ip address we should put into the license with certain reasons below:

a. usually we will put the firewall object ip address into the license, but we can't make it as the firewall object in the smart1-cloud is MaaS tunnel ip and this ip will change if the MaaS tunnel reset (In the case of firewall down due to RMA, etc)

 

b. we also not confirm whether put other physical interface as license ip is recommended.

 

Lastly, please let me know if you need any further information from me on this post.

 

Thank you.

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee

In Smart-1 Cloud the Management Server holds an internal IP address, which is inaccessible from the outside.

Usually it is not necessary to know or use the Management IP address, but in some cases you are required to provide it.

Because the Management IP address is internal, it is the same for all deployments.

Therefore, when required to use the Management IP address, such as Central License, use this IP address: 100.64.0.52.

Source: https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Check-Point-SmartCloud-Admin-...

CCSM R77/R80/ELITE

View solution in original post

7 Replies
Chris_Atkinson
Employee Employee
Employee

In Smart-1 Cloud the Management Server holds an internal IP address, which is inaccessible from the outside.

Usually it is not necessary to know or use the Management IP address, but in some cases you are required to provide it.

Because the Management IP address is internal, it is the same for all deployments.

Therefore, when required to use the Management IP address, such as Central License, use this IP address: 100.64.0.52.

Source: https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Check-Point-SmartCloud-Admin-...

CCSM R77/R80/ELITE
LeeBingKang
Advisor

Hi Chris and thanks for your reply. May i know what should we do if the license for the security gateway is local license?

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Is there a reason central license can't  be generated / used?

CCSM R77/R80/ELITE
0 Kudos
LeeBingKang
Advisor

Hi Chris. I think there is no issue on the central license, and i just wonder how to apply the license if we use local license.

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Local license is a legacy method with limitations (refer: sk62685).

CCSM R77/R80/ELITE
0 Kudos
LeeBingKang
Advisor

Hi Chris. thank you for your information provided just now and i have go through the SK.

 

I will give a try to change the license IP to 100.64.0.52 and attached the firewall to see if its work or not.

 

I will give my update on next Monday.

0 Kudos
LeeBingKang
Advisor

Hi @Chris_Atkinson , the way you mentioned is working fine.

 

Thank you for your help and kind patience on my reply.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Tue 23 Apr 2024 @ 08:00 AM (CDT)

    South US: HTTPS Inspection Best Practices

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Tue 23 Apr 2024 @ 08:00 AM (CDT)

    South US: HTTPS Inspection Best Practices

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    CheckMates Events