Checkpoint DMI List -Part-1

Appliance UTM-1
U-40-00                        UTM-1 3070 Appliance
U-30-00                        UTM-1 2070 Appliance
U-20-00                        UTM-1 1070 Appliance
U-15-00                        UTM-1 570 Appliance
U-15-01                        UTM-1 570 Appliance
U-10-00                        UTM-1 270 Appliance
U-5-00                          UTM-1 130 Appliance
T-180-00                       UTM-1 4800
T-160-00                       UTM-1 4600
T-140-00                       UTM-1 4400
T-120-00                       UTM-1 4200 2012 Appliance
T-110-00                       UTM-1 2200 2012 Appliance
C6P_UTM                      UTM-1 2050 Appliance
C6_UTM                        UTM-1 1050 Appliance
C2_UTM                        UTM-1 450 Appliance

 

Appliance 2012
G-50                             Appliance 21400
G-70                             Appliance 21600
G-72                             Appliance 21700
G-75                             Appliance 21800
P-380-00                      Appliance 13800
P-370-00                      Appliance 13500
P-231-00                      Appliance 12600
P-230-00                      Appliance 12600
P-220-00                      Appliance 12400
P-210-00                      Appliance 12200

 

Appliance
PB-05-00                     Appliance 3100
PB-10-00                     Appliance 3200
PB-15-00                     Appliance 5100
PB-20-00                     Appliance 5200
PL-10-00                     Appliance 5400
PL-20-00                     Appliance 5600
PL-30-00                     Appliance 5800
PL-40-00                     Appliance 5900
PH-20-00                    Appliance 15400
PH-30-00                    Appliance 15600
PD-10-00                    Appliance 23500
PD-20-00                    Appliance 23800

 

 

Export F5 SSL certificate and Key files to PFX format:

Step 1 :

Copy the designated website ssl certificate and key files to the tmp folder

SSL cert location:

/config/filestore/files_d/<partition>_d/certificate_d/

Key location:

/config/filestore/files_d/<partition>_d/certificate_key_d/

Step 2 :

Impact of procedure: There will be no impact to the system with the below procedure.

  1. Log in to the BIG-IP command line.
  2. Copy the certificate file to the /var/tmp directory

   cp /config/filestore/files_d/Common_d/certificate_d/<Certificate-Filename> /var/tmp/<Destination-Filename>

3. Copy the key file to the /var/tmp directory

cp /config/filestore/files_d/Common_d/certificate_key_d/<Key-Filename> /var/tmp/<Destination-Filename>

4. verify the files using the below command

ls -las /var/tmp/<Destination-Filename>

Step 3 :

To export the certificate/key pair to PFX format, perform the following procedure:

Export the certificate/key pair to PFX format to /var/tmp/certificate.pfx using the following command syntax:

openssl pkcs12 -export -out /var/tmp/<PFX -CertificateName> -inkey /var/tmp/<Key-Filename> -in /var/tmp/<Certificate-Filename>

For example, to export the certificate test.crt and key test.key copied in the previous procedure, type the following command:

openssl pkcs12 -export -out /var/tmp/certificate.pfx -inkey /var/tmp/test.key -in /var/tmp/test.crt

The exported PFX file is named /var/tmp/certificate.pfx.

 

 

Checkpoint MDS Issue Tips:

A. Issue is MDS is down:

  1. Issue is unable to access MDS.
  2. Login to the MDS through CLI or console
  3. Verify the MDS status using mdsstat command

 mdsstat

4. If everything is down including CMA’s, perform the below steps.

 mdsstop

           mdsstart

   B. Issue is One of the CMA is down:

  1. Issue is unable to access CMA.
  2. Login to the MDS through CLI or console
  3. Verify the MDS status using mdsstat command

 mdsstat

4. If one of the CMA is down, note it down the CMA IP and run the below command

          mdsstart_customer <IP_address>