Welcome …

Posted on

Manually Start CoreXL

Manually Start CoreXL

Sometimes it is necessary to manually start coreXL – this short article describes how to do this quickly from the command line.

Firstly, check that coreXL is indeed disabled with the “fw ctl multik stat” command:

[Expert@gateway:0]# fw ctl multik stat
fw: CoreXL is disabled

Then you can start it using “fw ctl multik start”:

[Expert@gateway:0]# fw ctl multik start
Instance -1 started (1 of 1 are active)
[Expert@gateway:0]#

Note: you need to run this command once per instance so 6 instances = 6 times running the command!

—–

CoreXL is part of the “Acceleration And Clustering Software Blade” and comprises of CoreXL, SecureXL and ClusterXL :

The Check Point Acceleration and Clustering Software Blade delivers a set of advanced technologies, SecureXL and ClusterXL, that work together to maximize performance and security in high-performance environments. These work with CoreXL, which is included with the blade containers, to form the foundation of the Open Performance Architecture, which delivers throughput designed for data center applications and the high levels of security needed to protect against today’s application-level threats.

CoreXL: Multicore acceleration
As the first security technology to fully leverage general-purpose multi-core processors, CoreXL introduces advanced core-level load balancing that increases throughput for the deep inspection required to achieve intrusion prevention and high throughput on the firewall. With CoreXL, high performance and high security can be achieved simultaneously.

SecureXL: Security acceleration
Patented SecureXL is a technology interface that accelerates multiple, intensive security operations, including operations that are carried out by Check Point’s Stateful Inspection firewall. Using SecureXL, the firewall offloads operations to a performance-optimized software or hardware device, dramatically increasing throughput.

 

ClusterXL: Smart Load Balancing
ClusterXL provides high availability and load sharing that keeps businesses running without interruption. ClusterXL distributes traffic between clusters of redundant gateways, combining the computing capacity of multiple machines to increase total throughput. In the event of a gateway or network failure, connections are seamlessly redirected to a designated backup, maintaining business continuity.

No related posts.

Posted on

Gaia: Backup and Restore From CLI (Clish)

Gaia: Backup and Restore From CLI (Clish)

This article provides a quick tutorial on how to make a Gaia: backup and restore from the CLI (Clish shell) in Gaia. Depending which version of Gaia you are using, you may or may not have the option to perform a backup or restore from the Web GUI under the “Maintenance” section or you may only have SSH access – having the skill to do this from the command line is important either way.

For the methods below the following apply:

  • x.x.x.x should be replaced by the IP of the server
  • myuser should be replaced by a valid username for the server.
  • mybackupfile.tgz should be replaced by the name of your backup file
  • You will be prompted for the password on the command line if you are using FTP or SCP

Backup

The add backup command is what we use to initiate a backup from the CLI. We also need to pass a parameter to define where the backup is to be saved: local, FTP, TFTP or SCP:

  • To save a backup locally:
    • add backup local
  • To save a backup on a remote server using FTP:
    • add backup ftp ip x.x.x.x username myuser password plain
  • To save a backup on a remote server using TFTP:
    • add backup tftp ip x.x.x.x
  • To save a backup on a remote server using SCP:
    • add backup scp ip x.x.x.x username myuser password plain
add backup local

Note:

 

  • You can use the show backups command to see the status of any current and completed backups.
  • Backup configurations on Check Point appliances are stored in /var/log/CPbackup/backups/
  • Backup configurations on Open Servers are stored in /var/CPbackup/backups/

 

Restore

To restore a backup we use the set backup restore command and as with the backup, we pass the relevant parameters:

  • To restore a local backup:
    • set backup restore local <TAB>
  • To restore a backup from a remote server using FTP:
    • set backup restore ftp ip x.x.x.x file mybackupfile.tgz username myuser password plain
  • To restore a backup from a remote server using TFTP:
    • set backup restore tftp ip x.x.x.x file mybackupfile.tgz
  • To restore a backup from a remote server using SCP:
    • set backup restore scp ip x.x.x.x username myuser password plain

Remember!

  • Restore is only allowed using the same Gaia version on the source and target computers.
  • Restore is only allowed using the same appliance type on the source and target computers.
  • The backup file name generated by the backup command should not be renamed and must not contain spaces.
  • When backing to an SCP or FTP server, the backup file is put in the user’s home folder. When restoring from SCP or FTP the backup file is taken from the user’s home folder.
  • This is not applicable to VSX – to backup and restore VSX, see sk100395 for details.

Related posts:

Posted on

Checkpoint: Installing on an HP DL380 Server – R75, R76, R77

Installing Checkpoint on an HP DL380 Server –

R75, R76, R77

This article describes how to work around the problems which can occur when installing R75, R76, R77 on an HP DL380 server.

There are multiple Checkpoint secureknowledge articles on the support site which pertain to different issues; they are consolidated here along with some tips from bitter experience.

SAS Controller Settings

1. Make sure the SATA controller is set to LEGACY MODE and AHCI mode.

No Logical Drives Defined

2. The install may fail part-way through if no logical drive has been configured prior to starting the install. Errors include:

Traceback (most recent call first):
File "usr/lib/anaconda/autopart.py",
...
IndexError: list index out of range

To remedy this, load the “Intelligent Provisioning” utility from the BIOS menu (F10) and create an array, i.e. a logical drive. It’s pretty intuitive but if you have any problems there is documentation here and also a couple of tutorials on youtube if that’s more your thing. Note: I recommend RAID 6 for a successful post-install experience, see point 5 below!

HP DL380 Listed in sk77660

3. As this server is listed in sk7760 – “disabling IRQ” message on Gaia installation failure – make sure you choose this option on the installer screen as shown below. Errors include:

  • No driver found
  • Unable to find any devices of the type needed for this installation type

Install Using External DVD-ROM Drive

4. Installation may fail when using the in-built DVD-ROM or Isomorphic tool – should this happen use an external USB DVD-ROM to perform the installation. This is described in sk87704 – Unable to install Gaia OS on HP ProLiant DL380p Gen8 using built-in DVD-ROM or ISOmorphic Tool .

Boot Loop After Installation?

5. After an apparently successful install, you may experience continuous reboots after installation. There are two main culprits:

  • The version you have installed does not like the RAID version you have used. I have had one installation reboot continuously using RAID 10 but behave perfectly using RAID 6.
  • The other possibility is that the version will not function over a 2 TB limit. If this is this is the case you will need to go back into the RAID utility and configure your drives to be no larger than 2TB – this is described in sk93608 –  Server continually reboots after GAiA installation.

I hope this helps, here is some more related information:

HCL Entry for DL380 Gen8

SecurePlatform support for RAID controller “Smart Array HP P420i” on HP ProLiant DL380p Gen8 server

No related posts.

Exit mobile version
%%footer%%