1

Back up your current configuration.

2

See the Upgrade Options and Prerequisites.

3

In R80 and above, examine the SmartConsole sessions:

1. Connect with the SmartConsole to each Domain Management Server.
2. From the left navigation panel, click Manage & Settings > Sessions > View Sessions.
3. You must publish or discard all sessions, for which the Changes column shows a number greater than zero.

   Right-click on such session and select Publish or Discard.

4

In Multi-Domain Server R80 or R80.10 with enabled vSEC Controller:

1. Connect with SmartConsole to the Global Domain.
2. Delete all global Data Centers objects.
3. Assign the modified Global Policies.

5

You must close all GUI clients (SmartConsole applications) connected to the source Multi-Domain Server.

1

Connect with SmartConsole to each Domain Management Server.

2

In the top left corner, click Menu > Install database.

3

Select all objects.

4

Click Install.

5

Click OK.

1

Connect to the command line on the R80.20 Multi-Domain Server.

2

Log in with the superuser credentials.

3

Log in to the Expert mode.

4

Make sure that on all Domain Management Servers, none of the required daemons (FWM, FWD, CPD, and CPCA) are in the state "down" (the "pnd" state is acceptable):

[Expert@MDS:0]# mdsstat

If some of the required daemons on a Domain Management Server are in the state "down", wait for 5-10 minutes, restart that Domain Management Server and check again. Run these three commands:

[Expert@MDS:0]# mdsstop_customer <IP Address or Name of Domain Management Server>

[Expert@MDS:0]# mdsstart_customer <IP Address or Name of Domain Management Server>

[Expert@MDS:0]# mdsstat

5

Go to the main MDS context:

[Expert@MDS:0]# mdsenv

6

Upgrade the attributes of all managed objects in all Domain Management Servers at once:

[Expert@MDS:0]# $MDSDIR/scripts/mds_fix_cmas_clms_version -c ALL

Notes:

• Because the command prompts you for a 'yes/no' for each Domain and each object in the Domain, you can explicitly provide the 'yes' answer to all questions with this command:

  [Expert@MDS:0]# yes | $MDSDIR/scripts/mds_fix_cmas_clms_version -c ALL

• You can perform this action on one Multi-Domain Server at a time with this command:

  [Expert@MDS:0]# $MDSDIR/scripts/mds_fix_cmas_clms_version -c ALL -n <Name of Multi-Domain Server>

7

Allow the database synchronization to run:

[Expert@MDS:0]# $CPDIR/bin/cpprod_util CPPROD_SetValue "FW1/6.0" AfterUpgradeDbsyncIndication 1 1 0

Restart the Check Point services:

[Expert@MDS:0]# mdsstop

[Expert@MDS:0]# mdsstart

For more information, see sk121718.

8

Make sure that on all Domain Management Servers, none of the required daemons (FWM, FWD, CPD, and CPCA) are in the state "down" (the "pnd" state is acceptable):

[Expert@MDS:0]# mdsstat

If some of the required daemons on a Domain Management Server are in the state "down", wait for 5-10 minutes, restart that Domain Management Server and check again. Run these three commands:

[Expert@MDS:0]# mdsstop_customer <IP Address or Name of Domain Management Server>

[Expert@MDS:0]# mdsstart_customer <IP Address or Name of Domain Management Server>

[Expert@MDS:0]# mdsstat

1

Connect with the SmartConsole to the R80.20 Multi-Domain Server.

2

Make sure the management database and configuration were upgraded correctly.