PDA

View Full Version : Firewall Manager Disaster Recovery



avilT
2006-03-15, 20:39
I have Nokia IP 330, VRRP running NG FP3, firewall Manager is on Windows 2000. I need disaster recovery for Windows Firewall Manager. If the firewall manager crashes, how do I bring up the firewall manager on a new maching after installing Windows 2000? What files I need to backup? Thanks in advance.

Lackie
2006-03-16, 09:36
You can use the FP3 version of upgrade_export. This will create a backup of all of the Check Point data. All you have to do is rebuild a machine with the same IP address and Hostname, install Check Point and import this back into it.

avilT
2006-03-20, 00:02
Thank you very much for the reply. Does this also back up the SIC data? Many books suggested to backup only 2 files, object_5_0.C and rulebases_5_0.fws, install the firewall manager on a new PC, restore these two files and then reset the SIC. I was able to load the smart dashboard with this method but had to face several problems. What is the best way to perform the recovery?

Lackie
2006-03-20, 13:29
This does back up the SIC data.

Blueberry
2006-05-19, 08:03
upgrade_tools i.e. the export and import utilities are the best way of backing up that I have come across. As stated as long as the hostname, ip address and versions are the same this will work without a problem.

Sometime the import fails at the very end or you get a random seed issue but these are easily rectified by redoing the task.

srikrishnak
2006-05-22, 04:41
Agree. Export/Import DB is the best option available for the time being. As an idot proof method backup all the FWDIR directory in to another Hard Drive. Some times its quite handy.

sengkhoon
2006-09-20, 04:44
Hi All,

I just want to confirm that by running the command upgrade_export. IT will not cause any service to reset or the firewall to be down for a while . which will cause impact to the network

RayPesek
2006-09-20, 17:02
I'm not sure if you're asking the question or affirming the above responses. You are correct. It will not affect anything. Just don't save it on the same drive as where SmartCenter is installed. :-)

Ray

danensis
2006-09-26, 06:01
Isn't there a registry string that you have to save as well? I understand SIC will not work unless you do this?

sengkhoon
2007-02-05, 00:25
Hi ,

I was trying to do a backup on the FW1 folder but i am getting an error.

cannot copy cpsql_ccN3ceiszAyxgC: It is being used by another program.
Can i know what is this file?

Thanks

baboo
2007-02-05, 09:41
AFAIK the "update_export"-command does not backup your routes.

So remember to write down your routes.
(I found out that the routes are saved in /etc/sysconfig/netconf.C but I'm not sure if it's enough to just save that file.. )

Kind regards,
Manuel

stefan73er
2007-02-09, 04:40
Isn't there a registry string that you have to save as well? I understand SIC will not work unless you do this?

yes there is a registry string on a windows system but the upgrade export will save this also.

And for sure this is the best way to backup checkpoint i know.