This section explains how you can upgrade the appliance with a USB drive without a console connection to the appliance. For more information, see Upgrade Using Boot Loader.
Note - The USB drive must be formatted in FAT32.
Installing a new firmware image from a USB drive
Check Point releases new firmware images every so often. You can reburn the appliance using the image file and a USB drive. Note that you can also upgrade through the WebUI. If the new image supports it, you do not lose your previous settings. When you reburn a new image with a USB drive, the appliance deletes your previous settings and creates a new factory default image.
Installing a new Boot-Loader from a USB drive
Check Point releases new Boot Loader rarely. This usually comes with a new image. To upgrade to a new U-Boot or Firmware image, you must boot the appliance.
Replace the Boot Loader before you upgrade to a new image.
To replace Boot-Loader:
u-boot*.ubt
files or fw1*.img
files).If the file is valid, all LAN LEDs start to blink to show progress. Every other LED blinks at a different speed. Link LEDs blink orange and Activity LEDs blink green.
When the installation is complete, all LAN LEDs turn a constant green. The appliance is ready for your input.
To upgrade to a new firmware image from a USB drive:
u-boot*.bin
files, or fw1*.img
files).After a few seconds, the Notice LED blinks until the system boots. When the system is up, the USB LED is on. After the system boot is complete, it checks the image version on the USB.
If the file is valid, the LAN LEDs start to blink until the file is uploaded. After a few seconds, all of the LAN LEDs are on and the system reboots. When the Notice LED is off, the installation is complete and the appliance awaits your input.
Note - When you upgrade with a USB drive, you also replace the saved factory defaults image of the appliance as this method reburns the appliance.
Note - Uboot update from a USB drive is currently not supported in 1400 appliances.
You can use an SD card to upgrade to a new firmware image or auto-configuration file. When you install a new image with an SD card, the appliance deletes your previous settings and creates a new factory default image. Back up your settings so you can restore them after the installation is complete.
Note - From R77.20.85 and higher, SD cards are formatted with ext4. In earlier versions, SD cards are formatted as FAT32. If you upgrade from an earlier version to R77.20.85 or higher, the SD remains with FAT32 for backward compatibility.
To upgrade to a new firmware image from an SD card:
Make sure the top folder of the SD card does not contain any previous Boot loader or firmware images (u-boot*.bin
files or fwl*.gz
files).
The installation begins with the image file. This takes several minutes.
If the file is valid, all LAN LEDs start to blink to show progress. The LEDS are different colors and blink at different speeds.
LEDs |
Colors |
---|---|
LAN LEDs |
Orange and green |
Link LEDs |
Orange |
Activity LEDs |
Green |
When the installation is complete, all LAN LEDs turn a constant green. The appliance is ready for your input.
Restore your settings. For more information, see Backup, Restore, Upgrade, and Other System Operations.
To upgrade using CLIsh commands:
These are the file names that you can use:
autoconf.clish
autoconf.
<MAC address>.clish
<MAC address> is the specified MAC address in this format: XX-XX-XX-XX-XX
You can create multiple configuration files for Check Point Appliance gateways. The gateways run both files or only one of them. First the autoconf.clish
configuration file is loaded. If there is a configuration file with the same MAC address as the gateway, that file is loaded second.
Use the # symbol to add comments to the configuration file.