cpconfig
Description
This command starts the Check Point Configuration Tool.
This tool configures specific settings for the installed Check Point products.
|
Important:
|
Syntax on a Security Gateway / Cluster Member in Gaia Clish or the Expert mode
|
Syntax on a Scalable Platform Security Group in Gaia gClish or the Expert mode
|
Menu Options
|
Note - The options shown depend on the configuration and installed products. |
Menu Option |
Description |
---|---|
Licenses and contracts |
Manages Check Point licenses and contracts on this Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. or Cluster Member Security Gateway that is part of a cluster.. |
SNMP Extension |
Obsolete. Do not use this option anymore. To configure SNMP, see the R81.20 Gaia Administration Guide - Chapter System Management - Section SNMP. |
PKCS#11 Token |
Register a cryptographic token, for use by Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. Operating System. See details of the token, and test its functionality. |
Random Pool |
Configures the RSA keys, to be used by Gaia Operating System. |
Secure Internal Communication |
Manages SIC Secure Internal Communication. The Check Point proprietary mechanism with which Check Point computers that run Check Point software authenticate each other over SSL, for secure communication. This authentication is based on the certificates issued by the ICA on a Check Point Management Server. on the Security Gateway or Cluster Member. This change requires a restart of Check Point services on the Security Gateway or Cluster Member. For more information, see: |
Enable cluster membership for this gateway |
Enables the cluster membership on the Security Gateway. This change requires a reboot of the Security Gateway. For more information, see the: Note - This section does not apply to Scalable Platforms (Maestro and Chassis). |
Disable cluster membership for this gateway |
Disables the cluster membership on the Security Gateway. This change requires a reboot of the Security Gateway. For more information, see the: Note - This section does not apply to Scalable Platforms (Maestro and Chassis). |
Enable Check Point Per Virtual System State |
Enables Virtual System Load Sharing VSX Cluster technology that assigns Virtual System traffic to different Active Cluster Members. Acronym: VSLS. on the VSX Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. Cluster Member. For more information, see the R81.20 VSX Administration Guide. Note - This section does not apply to Scalable Platforms (Maestro and Chassis). |
Disable Check Point Per Virtual System State |
Disables Virtual System Virtual Device on a VSX Gateway or VSX Cluster Member that implements the functionality of a Security Gateway. Acronym: VS. Load Sharing A redundant cluster mode, where all Cluster Members process all incoming traffic in parallel. For more information, see "Load Sharing Multicast Mode" and "Load Sharing Unicast Mode". Synonyms: Active/Active, Load Balancing mode. Acronym: LS. on the VSX Cluster Member. For more information, see the R81.20 VSX Administration Guide. Note - This section does not apply to Scalable Platforms (Maestro and Chassis). |
Enable Check Point ClusterXL for Bridge Active/Standby |
Enables Check Point ClusterXL Cluster of Check Point Security Gateways that work together in a redundant configuration. The ClusterXL both handles the traffic and performs State Synchronization. These Check Point Security Gateways are installed on Gaia OS: (1) ClusterXL supports up to 5 Cluster Members, (2) VRRP Cluster supports up to 2 Cluster Members, (3) VSX VSLS cluster supports up to 13 Cluster Members. Note: In ClusterXL Load Sharing mode, configuring more than 4 Cluster Members significantly decreases the cluster performance due to amount of Delta Sync traffic. for Bridge mode Security Gateway or Virtual System that works as a Layer 2 bridge device for easy deployment in an existing topology.. This change requires a reboot of the Cluster Member. For more information, see the: Note - This section does not apply to Scalable Platforms (Maestro and Chassis). |
Disable Check Point ClusterXL for Bridge Active/Standby |
Disables Check Point ClusterXL for Bridge mode. This change requires a reboot of the Cluster Member. For more information, see the: Note - This section does not apply to Scalable Platforms (Maestro and Chassis). |
Check Point CoreXL |
Manages CoreXL Performance-enhancing technology for Security Gateways on multi-core processing platforms. Multiple Check Point Firewall instances are running in parallel on multiple CPU cores. and Firewall mode on the Security Gateway / Cluster Member / Scalable Platform Security Group. After all changes in CoreXL configuration, you must reboot the Security Gateway / Cluster Member / Security Group. For more information, see the R81.20 Performance Tuning Administration Guide. |
Automatic start of Check Point Products |
Shows and controls which of the installed Check Point products start automatically during boot. |
Exit |
Exits from the Check Point Configuration Tool. |
Example 1 - Menu on a single Security Gateway
Example 2 - Menu on a Cluster Member