Obtain a new checkpoint VM on AWS


  1. Log in to the AWS console. Go to Dashboard -> EC2 -> Instances -> Launch instance. Search for "check point" in the AWS Marketplace. Choose CheckPoint vSEC (PAYG - Pay As You Go) or (BYOL - Bring Your Own License) as appropriate. If the difference between BYOL and PAYG is not clear, choose the latest BYOL version (R77.30 at time of writing).
    Alternatively, go to the AWS Marketplace, search for "check point" and launch the VM from there in the appropriate region.
  2. Choose "c4.large" or a higher configuration as needed.
  3. Allocate 50 GB or more of storage, depending on requirements.
  4. Checkpoint might suggest a security group with 22, 443 and TCP ports enabled. Add "All ICMP" to the suggested list, or create a fully open (all protocols from everywhere) security group for Checkpoint.
  5. Launch the instance with the desired key pair. Note that access to this key pair is necessary to be able to use the VM.
  6. Use the key pair with the admin user name. Example command:
    ssh -i <keypair> admin@<IP>
  7. Then enable expert mode and access the expert shell using:
    set expert-password
    expert
  8. Verify that the file '/etc/.wizard_accepted' is not present. If it is present, the first-time configuration wizard has already been run. In that case, ensure that the system is not in production before proceeding.
    Refer to https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk71000
  9. Edit the '/config/db/initial' file and search for 'passwd:admin:passwd'. Set the admin password to 'admin' by changing the line to:
    passwd:admin:passwd $1$zIVyrIdj$1LBW7Pg6XOcXYIgFPTppY.
    Save the file and exit the editor.
  10. Recreate the SQL DB from the text file using the following command in expert mode:
    conv2db /config/db/initial /config/db/initial_db
  11. Reboot the machine using the following command in expert mode:
    shutdown -r now
  12. After the reboot, access https://<IP> and log in using admin:admin

Refer to https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk92663
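
A guarded way to carry out steps 8 to 10 in the expert shell, as an added example that is not part of the original page or of Check Point's own tooling. It assumes the 'passwd:admin:passwd <hash>' line format shown in step 9 and that grep, awk and cp are available; the function names and the WIZARD_FLAG, INITIAL and FORCE variables are hypothetical, and it generalizes step 9 to any MD5-crypt hash you supply.

```shell
#!/bin/bash
# Added example (not from the original page): steps 8-10 with checks and a backup.
# WIZARD_FLAG, INITIAL and FORCE are hypothetical knobs; defaults are the page's paths.
WIZARD_FLAG="${WIZARD_FLAG:-/etc/.wizard_accepted}"
INITIAL="${INITIAL:-/config/db/initial}"

# set_admin_hash FILE HASH: rewrite the single 'passwd:admin:passwd' line.
# HASH is an MD5-crypt string ($1$salt$digest), the format of the value in step 9.
set_admin_hash() {
    _file="$1"; _hash="$2"
    if ! printf '%s\n' "$_hash" |
         grep -Eq '^\$1\$[./0-9A-Za-z]{1,8}\$[./0-9A-Za-z]{22}$'; then
        echo "hash is not in \$1\$salt\$digest form" >&2; return 2
    fi
    [ -f "$_file" ] || { echo "$_file not found" >&2; return 4; }
    # Exactly one matching line is expected; otherwise the file is not in the
    # state the procedure assumes, so leave it alone.
    _count=$(grep -c '^passwd:admin:passwd ' "$_file" || true)
    if [ "$_count" -ne 1 ]; then
        echo "expected 1 passwd:admin:passwd line, found $_count" >&2; return 3
    fi
    cp -p "$_file" "$_file.bak" || return 4   # keep the original for rollback
    # awk instead of sed: no escaping issues with '$', '/' or '.' in the hash
    awk -v h="$_hash" '
        /^passwd:admin:passwd / { print "passwd:admin:passwd " h; next }
        { print }' "$_file.bak" > "$_file"
}

# apply_steps_8_to_10 HASH: step 8 check, step 9 edit, step 10 rebuild.
apply_steps_8_to_10() {
    # Step 8: the flag file means the first-time wizard has already run.
    if [ -e "$WIZARD_FLAG" ] && [ "${FORCE:-0}" != 1 ]; then
        echo "$WIZARD_FLAG present; confirm the system is not in production," \
             "then rerun with FORCE=1" >&2
        return 1
    fi
    set_admin_hash "$INITIAL" "$1" || return
    # Step 10: command exactly as given on the page
    conv2db "$INITIAL" "${INITIAL}_db"
}
```

In the expert shell, source the file and call apply_steps_8_to_10 with the hash in single quotes so the shell does not expand the '$' characters, then reboot as in step 11.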


