In This Section:
Management Portal enables web-based administration and troubleshooting of the Security Management server. The Management Portal product is included on the release DVD.
The product can be deployed on a dedicated server, or alongside the Security Management server. SSL encrypted connections are used to access the Management Portal web interface. Administrative access can be limited to specific IP addresses. Dedicated administrator users can be limited to Management Portal access only.
Note - Management Portal does not support IPv6.
When deploying the Management Portal on a dedicated server, the following actions should be taken to successfully integrate the Management Portal Server with the Security Management server.
When deploying the Management Portal alongside the Security Management server, the following actions should be taken to successfully integrate the Management Portal component with the Security Management server.
smartportalstart: Starts Management Portal services.
smartportalstop: Stops Management Portal services.
To allow only specific IP addresses or networks to access the Management Portal, stop the Management Portal and create the
hosts.allow file under the Management Portal
conf directory (in Windows:
C:\program files\CheckPoint\<version>\SmartPortal\portal\conf and in Linux and SecurePlatform:
/opt/CPportal-<version>/portal/conf). If the
hosts.allow file is not in the Management Portal
conf directory you should create it if it is required.
The file format is:
ALL: ALL (to allow all IPs)
ALL: x.x.x.x (to allow specific IPs)
ALL: x.x.x.x/y.y.y.y (to allow specific networks where x.x.x.x is the IP
address and y.y.y.y is the netmask)
The following Management Portal product properties can be modified by editing the
cp_httpd_admin.conf conf file. This file can be found in the Management Portal
Note - Any modifications to the
SERVCERT(the full path to the certificate) and
CERTPWD (the certificate password)attributes.
The Management Portal can be used with the following web browsers:
To connect to the Management Portal:
To use the Management Portal, when you connect to it, click the HELP button to display the Management Portal Online Help. The Online help explains the functionality of each window.
These are the tools you can use to troubleshoot Management Portal.
To see the web daemon (
cpwmd) and the web server (
cp_http_serve) errors, see the error log files. They are located in the Management Portal log directory:
Web demon error log file:
Web server error log file:
cpwmdmessages run this command:
cpwmd debug -app the Management Portal on
cpwmdmessages, run this command:
cpwmd debug -app SmartPortal on
cpwd_admin stop -name CPHTTPD
TDERROR_CPHTTPD_ALLenvironment variable to 5.
OPSEC_DEBUG_LEVELenvironment variable to 3.
cp_http_server -v -f <full path to the cp_httpd_admin.conf file>
CGI log messages of incoming and outgoing data:
cpwd_admin stop -name CPHTTPD
CPWM_DEBUGenvironment variable to
The output will be written to the
cgi_out.txt files in the
temp directory (
c:\temp on Windows and /tmp on Unix/Linux/SPLAT).