Nimzo's Offering

cp-nimzo · #1 (**permalink**) 2007-01-21

Hello All,
I have worked on a vce for CCSA.
I was not able to complete it since i need to move on to CCSE.
I finished the first half I would like to see others complete this project by adding comments and categorizing the rest of the questions in the vce.

If You make CCSE and CCSE+ assessible I will do the same for those.

If there are any questions you need researched post them here and i'll try to get the info for you.

Also, I suggest you set up a lab enviorment using VMware.
download the SPLAT VMware image from checkpoints website.
and either set up a vmware web site or download a vmware appliance from vmwares website. I used project-open which is a suse webserver. After i set it up i set the runlevel to 3 in the inittab to conserve on memory.

In vmware workstation clone both splat and the webserver so you can have two lan segments. I called them:

fwrome
webrome

fwoslo
weboslo

also on in the repository is an image of freesco which is a linux router that runs on fat 16. I have the default image and the mmodified freesco image which is ready for the above confiuration. In fact you could even setup all nine location to simulate the checkpoint lab if you wanted to!

You want to set them up the vmware nodes as a team there is a jpg that shows the correct configuration on how to setup the lan segments you may need to modify it slightly for you enviroment but you should have a problem.

the password for the router is

root
password

I also have a jpg of the configurations of the router.

admin (web)
password

I'm keeping this area shareable so if you have something checkpoint related put it up on the site.

http://www.4shared.com/dir/1825095/b...e/sharing.html

Nimzo
MCSE,CNE 4&5, Linux+, LPIC-1, VCP VI2,CCSE 4.1,CCSA NG, CCSA NGX

godspeedcapri · #2 (**permalink**) 2007-01-22

Good stuff mate. Cheers.

godspeedcapri · #3 (**permalink**) 2007-01-22

Hi Nizmo,

Is it possible to explain the vmware nic connections used for your lab setup on this post? It is quite confusing with vmnet0,vmnet1 and vmnet8...etc.

Thanks.

cp-nimzo · #4 (**permalink**) 2007-01-22

I have Five vm's going. They follow the configuration in the NGX I handbook.
i'll try and scan it tomorrow.

The Firewalls get two virtual nics there is the 10.X.X.X thats internal.
and 172.16.X.X that's considered external.

the webservers go on the 10.X.X.X side

the router is seperating the two 172.16.X.X networks (Rome & Olso)

AS far as the freesco router. you can run it as a floppy image specified in the vmware properties or you can set up a virtual disk (fat 16) format it with a dos boot disk. when freesco boots up theres an option to run it from the hard drive (that is the virtual disk) you then have to type router.bat to launch the router. I added an autoexec.bat file to do it for me.

freesco also has a host file for dns. it can also cache names to.

freesco has alot of functionality.

I hope this helps.

godspeedcapri · #5 (**permalink**) 2007-01-23

Beautiful. :). that sure does help. Awaiting the scanned image...So basically we got to consider Vmnet1 as internal nic and Vmnet0 as external nic for each vmware machine(regardles of it being firewall or webserver)?

cp-nimzo · #6 (**permalink**) 2007-01-23

I created a document on on how to set up vmware.
it's on the site

godspeedcapri · #7 (**permalink**) 2007-01-23

Cannot find the doco on 4shared link you have posted above.

cp-nimzo · #8 (**permalink**) 2007-01-23

sorry it's up there now.

Nimzo

godspeedcapri · #9 (**permalink**) 2007-01-23

Excellent Nizmo. Very helpful set of documents and files.

cp-nimzo · #10 (**permalink**) 2007-01-23

i added the dosboot.vfd to the repository if you want to setup freesco from scratch

nimzo

sujithka · #11 (**permalink**) 2007-01-24

Thanks Nizmo.. it was a gud document.

camel · #12 (**permalink**) 2007-04-10

Hi Guys

have some questions related this discussion:

- this link no longer is available:
http://www.4shared.com/dir/1825095/b...e/sharing.html
'
- where to find the SPLAT VMware image on checkpoints website?? never found it

thanks

Spot1963 · #13 (**permalink**) 2007-04-10

Try : checkpoint.homeip.net

It's has all the documents from cp_nimzo and more.

I also collected all the R60, R62 and R65 documents.

Do not abuse the link or it will be terminated. (it's a server on my home ADSL line)

If you have additional material that I could add, let me know.

cp-nimzo · #14 (**permalink**) 2007-04-10

You rock! Thanks

Nimzo

cp-nimzo · #15 (**permalink**) 2007-04-10

Try VMware's web site under the Appliance section.

Nimzo

oliver · #16 (**permalink**) 2007-04-11

thank you very much, Nimzo and SPOT1963!

kind regards from austria
oliver

camel · #17 (**permalink**) 2007-04-11

very usefull thanks`!!!

ihung · #18 (**permalink**) 2007-04-16

i'm prolly just being a noob but i cant access the shared space

i get error:
The file link that you requested is not valid. Please contact link publisher or...

thanks

*edit
just read camel's post

cp-nimzo · #19 (**permalink**) 2007-04-18

here is the link
hxxp://checkpoint.homeip.net/

change the xx to tt

Spot1963 · #20 (**permalink**) 2007-05-17

I have just uploaded the following documents to the site :

CheckPoint Security Administration I NGX.pdf
CheckPoint Security Administration II NGX.pdf
CheckPoint Security Administration III NGX.pdf

Have fun.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode