Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vishnu_Kumar
Contributor

Need help for Juniper to Checkpoint Migration,using Smart Move

Hi All,

I am facing an issue when trying to Migrate Juniper Configuration Management Server (Gaia-R80.10)

Existing firewall is  "Juniper  SRX 3400" having "JUNOS 12.1X46-D40.2 built 2015-09-26" OS Version.

For this I am Using SmartMove tool of Checkpoint.

For the same I got the configuration file of Juniper firewall into XML format.

But when I am running SmartMove tool, getting below error , for further reference please find attached files.

================

]0;admin@management:~/Smart_Move [Expert@management:0]#
]0;admin@management:~/Smart_Move [Expert@management:0]#
]0;admin@management:~/Smart_Move [Expert@management:0]# ./J uniper_Conf_objects.sh
Logging in...

Creating total of 2107 Objects...
Create Network Group Objects (x1973)
create network group [_Err_in_topology-line_5]: 0 members
create network group [_Err_in_topology-line_518]: 0 members
create network group [_Err_in_topology-line_1307]: 0 members
create network group [_Err_in_topology-line_1744]: 0 members
create network group [_Err_in_topology-line_3371]: 0 members
create network group [_Err_in_topology-line_5217]: 0 members
create network group [_Err_in_topology-line_5433]: 0 members
create network group [_Err_in_topology-line_5463]: 0 members
create network group [_Err_in_topology-line_7422]: 0 members
create network group [_Err_in_topology-line_8749]: 0 members
create network group [_Err_in_topology-line_8774]: 0 members
create network group [_Err_in_topology-line_9296]: 0 members
create network group [_Err_in_topology-line_9683]: 0 members
create network group [_Err_in_topology-line_10403]: 0 members
create network group [_Err_in_topology-line_10746]: 0 members
create network group [_Err_in_topology-line_11290]: 0 members
create network group [_Err_in_topology-line_11850]: 0 members

===========================================

If any body can help me, its most welcome.

0 Kudos
1 Reply
Robert_Decker
Advisor

Hi,

As you've mentioned in your attached screenshots, there were conversion errors during the conversion process.

These conversion errors (related to objects conversion or policy conversion) may be viewed and analyzed in the conversion reports generated by the tool.

When the conversion is completed, there is a Conversion Results pane at the bottom of the form, with links into original configuration file and converted policy previews.

Please go to these links and analyze the results. After all errors are fixed and your Juniper XML configuration file is updated, run the tool again.

Only then you can copy the bash script files to your management server and run.

From your screenshots I see that you have errors related to network groups and sevice groups conversion.

Click on "Original file" link on the Conversion Results pane, and see what happened.

BTW, at the bottom of the tool's form there is a link to the SK of this tool, with detailed explanation how to use this tool.

Robert.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events