Configuring R80 Appliances

In This Section: Configuring the Management IP Address Starting the Gaia First Time Configuration Wizard

You can clean install R80 on Gaia Check Point appliances. If the appliance does not have the R80 image, you can install the R80 ISO file from a USB drive or DVD.

To install R80 on appliances with the R80 image:

1. Open the terminal emulation program.
2. Restart the appliance.
3. When prompted, press any key to enter the boot menu.
4. Select Reset to factory defaults - Security Management Server and press Enter.
5. Type yes and press Enter.

   The Security Management Server image is selected for the appliance and then the appliance resets.

6. Configure the Management IP Address.
7. Run the First Time Configuration Wizard.

To install R80 on appliances from the R80 ISO file:

1. Create the removable installation media:
   • DVD - Burn the R80 ISO on it
   • USB drive - To prepare a USB drive, see: sk65205
2. Connect the USB drive or DVD with the R80 ISO to the appliance.
3. Open the terminal emulation program.
4. Restart the appliance.
5. Redirect the boot sequence to the installation media:
   • DVD - Press Enter within 90 seconds to boot from the DVD
   • USB drive - In the boot screen, at the boot prompt, enter serial and press Enter.

   The R80 is file is installed on the appliance.

6. Reboot the appliance, press CTRL + C.
7. Configure the Management IP Address.
8. Run the First Time Configuration Wizard.

Configuring the Management IP Address

The management interface is pre-configured with the IP address 192.168.1.1. You can change the management IP address on a Check Point appliance before or after you run the First Time Configuration Wizard. If you must access the appliance over the network, update the interface before you connect the Gaia appliance to the network. Make sure the new address is on the same subnet as the management network.

You can also install a log server or Multi-Domain Log Server on a Check Point appliance.

To change the Management address before you run the First Time Configuration Wizard:

1. Open a console connection.
2. Log in with the default username and password: admin and admin.
3. In clish, get the name of the management interface: # show interfaces
4. Set the management IP address:
   # set interface mgmt ipv4-address <IPv4 address> subnet-mask <mask>
5. Disable the static route to the default gateway that are not used:
   # set static-route default nexthop gateway address <IPv4 address> off
6. Open a browser to the WebUI and run the First Time Configuration Wizard.

To change the management IP address after you run the First Time Configuration Wizard:

1. Open a browser to the WebUI.
2. Open the Network Management > Network interfaces window.
3. In the Management Interface area, click Set Management Interface.

   The Management Interface window shows the interface that is configured as the management interface.

4. In the Interfaces table, select the management interface and click Edit.
5. Change the IP address of the interface.

   Note - This changes the settings of an interface to which the browser connected.

6. Click OK.

Starting the Gaia First Time Configuration Wizard

The First Time Configuration Wizard helps you configure your appliance quickly. You can change the settings later, in the WebUI.

To start the First Time Configuration Wizard on Gaia:

1. Connect the appliance to your management network through the management interface, which is marked MGMT.
2. Open a connection from a browser to the management IP address: https://<appliance_ip_address>

   The login page opens.

3. Log in to the system with the default username and password: admin and admin
4. Click Login.

   The First Time Configuration Wizard runs.

5. In the Deployment Options page, click Continue with Gaia configuration. Click Next.
6. In the Authentication Details page, change the default administrator password. Click Next.
7. In the Management Connection page, enter the IPv4 management interface.
8. Optional: In the Connection to UserCenter page, configure an external interface to connect to the Check Point UserCenter. Use this connection to download a license and to activate it.
9. In the Device Information page:
   • Set the Host Name for the appliance.
   • If you configured an interface to the UserCenter, you must configure the IPv4 addresses of DNS servers.
   • If you configured an interface to the UserCenter and if you have a Proxy Server to reach the UserCenter, enter the IPv4 address and port for the Proxy Server.

   Click Next.

10. In the Date and Time Settings page, set the date and time manually, or enter the hostname and IPv4 address of the NTP server. Click Next.
11. In the Products page:
    • To install Multi-Domain Server, select Multi-Domain Server and Primary.
    • To install Security Management Server, select Security Management and Primary.

    You can select Automatically download Blade Contracts and other important data. Check Point highly recommends that you select Automatic Downloads.

12. In the Administrator page, define the name and password of an administrator who can connect to the server with SmartConsole clients. Click Next.
13. In the GUI Clients page, define IPv4 addresses from which SmartConsole clients can log in. Click Next.
14. In the Activation page, get a license automatically from the UserCenter and activate it, or use the 15 day trial license. Click Next.

    Note: This page is only shown for open servers. The license activation is automatic on appliances.

15. In the Summary page, review your choices.

    You can select Improve product experience by Sending Data to Check Point. Check Point recommends that you select this option. No data is made accessible to third parties.

    Click Finish.

16. To start the configuration, click Yes.

    A progress bar tracks the configuration of each task.

17. Click OK.

    Security Management Server or Multi-Domain Server is installed on the appliance.