Tag: checkpoint

Debugging on a Checkpoint

1) Prepare the debug: [Expert@FW]# fw ctl debug 0  —This defaults (clears) all the kernal debugging options [Expert@FW]# fw ctl debug -buff 32000  —This is the buffer that the kernel users to store debugging messages [Expert@FW]# YOUR DEBUG FILTER HERE 2) Verify the debug [Expert@FW]# fw ctl debug -m fw 3) Start and write the debug to…




Useful Checkpoint Commands

Entering Expert Shell cpfirewall>expert Exiting Expert Shell [Expert@cpfirewall:0]clish Check FW Version (Expert Mode) fwm ver Check HA Status (Expert Mode) cphaprob stat Check When Policy Last Installed (Expert Mode) fw stat Check Load of Each CPU (Expert Mode) cpstat -f multi_cpu os Check Load of Each CPU Every Minute (Expert Mode) watch -n 1 “cpstat…




Checkpoint IPSO – Adding/Deleting/Viewing Routes via clish

From clish shell… Adding a route: set static-route <network/mask> nexthop gateway address <gatewayIP> on Deleting a route: set static-route <network/mask> nexthop gateway address <gatewayIP> off Viewing all routes: show routes Examples set static-route 10.1.1.0/24 nexthop gateway address 10.2.1.1 off set static-route 10.1.2.0/24 nexthop gateway address 10.1.1.1 on save config exit