Sysconfig To Gaia CLI: Technical Reference Guide

Sysconfig to Gaia CLI
Technical Reference Guide
16 October 2012
Classification: [Protected]
2012 Check Point Software Technologies Ltd.
All rights reserved. This product and related documentation are protected by copyright and distributed under
licensing restricting their use, copying, distribution, and decompilation. No part of this product or related
documentation may be reproduced in any form or by any means without prior written authorization of Check
Point. While every precaution has been taken in the preparation of this book, Check Point assumes no
responsibility for errors or omissions. This publication and features described herein are subject to change
without notice.
RESTRICTED RIGHTS LEGEND:
Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph
(c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR
52.227-19.
TRADEMARKS:
Refer to the Copyright page (http://www.checkpoint.com/copyright.html) for a list of our trademarks.
Refer to the Third Party copyright notices (http://www.checkpoint.com/3rd_party_copyright.html) for a list of
relevant copyrights and third-party licenses.
Important Information
Latest Software
We recommend that you install the most recent software release to stay up-to-date with the latest functional
improvements, stability fixes, security enhancements and protection against new and evolving attacks.
Latest Documentation
The latest version of this document is at:
http://supportcontent.checkpoint.com/documentation_download?ID=21141
For additional technical information, visit the Check Point Support Center
(http://supportcenter.checkpoint.com).
Revision History
Date Description
16 October 2012 First release of this document
Feedback
Check Point is engaged in a continuous effort to improve its documentation.
Please help us by sending your comments
(mailto:cp_techpub_feedback@checkpoint.com?subject=Feedback on Sysconfig to Gaia CLI Technical
Reference Guide).
Contents
Important Information .............................................................................................3

SecurePlatform sysconfig to Gaia .........................................................................5
Host Name .......................................................................................................... 6
Domain Name ..................................................................................................... 6
DNS .................................................................................................................... 6
NTP, Time, Date.................................................................................................. 7
Interface .............................................................................................................. 9
Add or Delete Alias ......................................................................................... 9
Add or Delete VLAN ......................................................................................10
Add or Delete Bridge......................................................................................11
Add or Delete Bond .......................................................................................11
Add or Delete Loopback ................................................................................12
Add or Delete PPPoE ....................................................................................13
Configuring Network Connection Interface .....................................................14
Set Management Connection.........................................................................15
Static-Route........................................................................................................15
Set Default Gateway ......................................................................................15
IPv4 ...............................................................................................................16
IPv6 ...............................................................................................................17
DHCP Server......................................................................................................18
DHCP Relay Configuration .................................................................................20
Export Setup.......................................................................................................21
Hardware Monitoring ..........................................................................................21
Configuring the System for the First Time ..........................................................21
SecurePlatform sysconfig to Gaia

In SecurePlatform, the sysconfig command accesses environment configuration features. In Gaia, you can
do the same configurations through the CLI or WebUI.
Option Description See Gaia equivalent command
1) Host Name Set or show hostname. Host Name (on page 6)
2) Domain Name Set or show domain Domain Name (on page 6)

name.
3) Domain Name Servers Add, remove, or show DNS (on page 6)

DNS.
4) Time & Date Set or show the time NTP, Time, Date (on page 7)
zone, date, and local
time.
5) Network Connections Add, remove, or show Interface (on page 9)

static connections.
6) Routing Add, remove or show Static-Route (on page 15)

routes. Set Default
Gateway.
7) DHCP Server Configuration Set or show DHCP DHCP Server (on page 18)
server.
8) DHCP Relay Configuration Set or show DHCP DHCP Relay Configuration (on page 20)
relay.
9) Export Setup Export Check Point Export Setup (on page 21)
environment
configuration as file.
10) Products Installation Install Check Point Run cpconfig in expert mode
products.
11) Products Configuration Configure Check Point Run cpconfig in expert mode
products.
12) Enable / Disable hardware Set or remove Hardware Monitoring (on page 21)
monitoring hardware sensor
monitors on SNMP
Note - To save a configuration changed in the CLI, you must run: save config
Sysconfig to Gaia CLI Technical Reference Guide | 5

Host Name
Description Use this group of commands to configure the host name of your platform.
set hostname VALUE
Syntax show hostname
Comment Host name can also be configured through Gaia WebUI > Hosts and DNS page.
Domain Name
Description Set or show domain name of a computer.
set domainname VALUE
Syntax show domainname
Parameters Parameter Description
VALUE
The name of the domain.
Valid characters: alphanumeric, dash ( - ), period ( . ). Periods must be
followed by an alphanumeric character. A dash or period cannot be the
last character.
Comment Domain name can also be configured through Gaia WebUI > Hosts and DNS page.
DNS
Description Configure, show and delete the DNS servers and the DNS suffix for the Gaia computer.
Syntax To configure the DNS servers and the DNS suffix for the Gaia computer:
set dns primary VALUE
set dns secondary VALUE
set dns tertiary VALUE
set dns suffix VALUE
To show the DNS servers and the DNS suffix for the Gaia computer:
show dns primary
show dns secondary
show dns tertiary
show dns suffix
To delete the DNS servers and the DNS suffix for the Gaia computer:
delete dns primary
delete dns secondary
delete dns tertiary
delete dns suffix
primary
Parameters The server to use when resolving hostnames. This should be a host
running a DNS server.
secondary
The server to use when resolving hostnames if the primary server does
not respond. This should be a host running a DNS server.
tertiary
The server to use when resolving hostnames if the primary and
secondary servers do not respond. This should be a host running a
DNS server.

suffix
A search list for host-name lookup. The search is normally determined
from the local domain name. By default, it contains only the local
domain name. A valid domain name suffix is made up of subdomain
strings separated by periods. Subdomain strings must begin with an
alphabetic letter and may consist only of alphanumeric characters and
hyphens. The domain name syntax is described in RFC 1035 (modified
slightly in RFC 1123).
For example, if you set the DNS Suffix to example.com and try to
ping some host foo (by running ping foo), and foo cannot be
resolved, then the resolving computer will try to resolve
foo.example.com.
VALUE
An IPv4 address
Comment DNS servers can also be configured through Gaia WebUI > Hosts and DNS page.
NTP, Time, Date

Use these commands, or the Gaia WebUI > Time page, to configure time and date settings.
NTP
Description Use this command to configure and troubleshoot the Network Time Protocol (NTP).
Syntax To monitor and troubleshoot your NTP implementation:

show ntp active
show ntp current
show ntp servers
To add a new NTP server:

set ntp active [On|Off]
set ntp server primary VALUE version VALUE
set ntp server secondary VALUE version VALUE
To delete an NTP server:
delete ntp server <IP>

active Shows the active NTP server or Enables or disables NTP. Valid values
are On or Off.
current Shows the host name or IP address of the NTP server you are using
now.
primary Set the host name or IP address of the primary NTP server.
secondary The host name or IP address of the secondary NTP server.
version The version number of the NTP server (from 1 to 4).
server Keyword that identifies the NTP server.
Example show ntp servers

IP Address Type Version
Output
pool.ntp.org Primary 4

Comments Server-Specifies the host name or IP address of the time server from which your system
synchronizes its clock. The specified time server does not synchronize to the local clock of
your system.
Version-The version number Specifies which version of NTP to run. Check Point
recommends that you run version 3.
Clock
Description Show current system date and time
show clock
Syntax

clock The current system day, date, and time. The current system time is in
HH:MM:SS format.
Example show clock
Output Thu Oct 6 15:20:00 2011 IST
Date
Description Set the system date
set date <date>
Syntax show date

<date> The date in the YYYY-MM-DD format.
Example set date 2012-08-10
Time
Description Set the system time in HH:MM:SS format
set time <time of day>
Syntax show time
<time of day> The current system time in HH:MM:SS format
Example show time
Output 12:03:54
Time Zone
Description Show and Set the system time zone.

set timezone <Area> / <Region>

Syntax
Note: The spaces before and after the '/' character are important.
show timezone

<Area> Continent or geographic area.
Valid values:
Africa, America, Antarctica, Asia, Atlantic, Australia, Etc, Europe,
Indian, Pacific
<Region> Region within the specified area.
Example set timezone America / Detroit
Interface
The sysconfig Add New Connection menu:
1) Secondary IP on interface (alias) 5) Loopback connection
2) VLAN 6) PPPoE connection
3) Bridge 7) PPTP connection (not in Gaia)
4) Bond 8) ISDN connection (not in Gaia)
Option See Gaia equivalent command
1 Add or Delete Alias (on page 9)
2 Add or Delete VLAN (on page 10)
3 Add or Delete Bridge (on page 11)
4 Add or Delete Bond (on page 11)
5 Add or Delete Loopback (on page 12)
6 Add or Delete PPPoE (on page 13)
general Configuring Network Connection Interface (on page 14)

Set Management Connection (on page 15)
Note - Network connections and interfaces can also be configured through Gaia WebUI > Network
Interfaces page.
Add or Delete Alias

Description Configure an alias to a physical interface.
add interface <IF> alias <IP>/<Mask>
Syntax delete interface <IF> alias <Alias IF>

Parameter <IP> IPv4 address

Values
<IF> Interface name
<Mask> IPv4 subnet mask length using CIDR ( /xx) notation
<Alias IF> Interface alias name in the format <IF>:XX, where XX is the
automatically assigned sequence number.
add interface eth1 alias 10.10.99.1/24
Examples delete interface eth1 alias eth1:2
Comments A new alias interface name is automatically created by adding a sequence number to
the original interface name. For example, the name of first alias added to eth1 is
eth1:0. She second alias added is eth1:1, and so on.
Important - After using CLI commands to add, configure or delete features, you must run the
save config command. This makes sure that the new configuration settings remain after
reboot.
Add or Delete VLAN

This section is a reference for the VLAN interface commands.
Description Use these commands to configure bridge interfaces.

add interface <IF> vlan <VLAN ID>
Syntax set interface <IF> <VLAN ID>
ipv4-address <IP> mask-length <Length>|subnet-mask<Mask>
ipv6-address <IP> mask-length <Length>
ipv6-autoconfig
delete interface <IF> vlan <VLAN ID>
Parameters interface Configure an interface
ipv4-address Assign an IPv4 address
ipv6-address Assign an IPv6 address
ipv6-autoconfig Automatically configure an IPv6 address
on Enable automatic configuration
off Disable automatic configuration
Values <IF> Physical interface related to this VLAN
<VLAN ID> VLAN identifier (integer range 1-4094)
<IP> IP address (IPv4 or IPv6)
<Length> Mask length (integer value)

add interface vlan eth1
Example
set interface eth1.99 ipv4-address 99.99.99.1 subnet-mask
255.255.255.0
set interface eth1.99 ipv6-address 209:99:1 mask-length 64
delete interface eth1 vlan 99

reboot.
Add or Delete Bridge

This is a quick reference for bridge interface commands. The next section is procedures for different tasks,
with configuration options.
Description Use these commands to configure bridge interfaces.

add bridging group <Group Name> [interface <IF>]
Syntax delete bridging group <Group Name> interface <IF>
show bridging group <Group Name>
<Group Name>
Values Name of bridging group
<IF>
Interface name
set bridging group 666 interface eth1
Example
reboot.
Add or Delete Bond

This is a quick reference for link aggregation (bonding) commands. See the Gaia Administration Guide to
learn more.
Description Use these commands to configure link aggregation.

add bonding group <Bond ID> interface <Slave>
Syntax delete bonding group <Bond ID> interface <Slave>
set bonding group <Bond ID>
primary VALUE
mii-interval VALUE
up-delay VALUE
down-delay VALUE
arp-polling-interval VALUE
mode VALUE
lacp-rate VALUE
xmit-hash-policy VALUE
show bonding group <Bond ID>
show bonding groups
<Bond ID>
Parameters ID of bond, an integer between 1 and 1024
<Slave>
Slave interface name
primary Name of primary slave interface
mii-interval Frequency that the system polls the Media Independent

Interface (MII) to get status
up-delay Waiting time to confirm the slave interface status before

down-delay taking the specified action (0-5000 ms default = 200 ms).

arp-polling-interval Frequency of ARP requests sent to confirm a that slave

interface is up
mode Bond interface operating mode:

round-robin - Selects the active slave interface
sequentially.
active-backup - If the active slave interface goes
down, the connection automatically fails over to the
primary slave interface. If the primary slave interface
is not available, the connection fails over to a
different slave.
xor - Selects the algorithm for slave selection
according to the TCP/IP layer.
8023AD - Dynamically uses active slaves to share
the traffic load using the LACP protocol. This
protocol enables full interface monitoring between
the gateway and a switch.
lacp-rate Sets the LACPDU packet transmission rate
xmit-hash-policy Selects the algorithm for slave selection according to the

specified TCP/IP layer
set bonding group 666 20 eth2
Example show bonding groups
Bonding Interface: 20
Output
Bond Configuration
xmit_hash_policy Not configured
down-delay 200
primary Not configured
mode round-robin
up-delay 200
mii-interval 100
lacp_rate Not configured
arp-polling-interval 0
Bond Interfaces
eth2
eth3
reboot.
Add or Delete Loopback

Description Configure loopback interfaces
add interface lo loopback <IP>/<Mask>
Syntax delete interface lo loopback <IF>
Parameters loopback Configures a loopback interface.

and Values
lo You must use the lo (local interface) keyword to define a
loopback interface.
<IP> IPv4 or IPv6 address.
<Mask> IPv4 subnet mask or IPv6 mask length using CIDR ( /xx)
notation.
<IF> Loopback interface name (loopXX)

add interface lo loopback 10.10.99.1/24

Examples add interface lo loopback 2010:10:99::1/64
delete interface lo loopback loop01
Comments When you create a new loopback interface, Gaia automatically assigns a name in the
format loopXX, where XX is a sequence number starting from 00.
reboot.
Add or Delete PPPoE

Description Add, configure, monitor, and delete PPPoE interfaces.
Syntax To add a PPPoE Interface

add pppoe client id VALUE interface VALUE user-name VALUE password
VALUE use-peer-dns VALUE use-peer-as-default-gateway VALUE
For example:
add pppoe client id 2 interface eth0 user-name aaaa password aa
use-peer-dns on use-peer-as-default-gateway on
To configure a PPPoE Interface
set pppoe client id VALUE
interface VALUE
password VALUE
use-peer-as-default-gateway VALUE
use-peer-dns VALUE
user-name VALUE
To monitor a PPPoE Interface
show pppoe client id VALUE
For example
show pppoe client id 2
To delete a PPPoE Interface
delete pppoe client id VALUE

client id VALUE This ID must be unique for all PPPoE interfaces that
terminate on this Gaia system. Maximum value is 999.
interface VALUE This is the physical Interface which will forward PPPoE
frames.
user-name VALUE The User name and password are needed to connect to
the PPPoE server at the Internet Service Provider (ISP).
Get them from the ISP.
password VALUE
use-peer-dns VALUE This allows the ISP to define the IPv4 DNS server for the
Gaia system. The ISP supplies either one IPv4 DNS
server (the Primary) or two (Primary and Secondary).
Note - If you select Use Peer DNS, the IPv4 DNS servers
configured in Network Management > Hosts and DNS
are overwritten by the PPPoE Peer DNS servers.

use-peer-as-default This makes the ISP server the Default Gateway for the
-gateway VALUE Gaia system.
Note - If you select Use Peer as Default Gateway the

Default Gateway configured in Network Management >
IPv4 Static Routes is not used.
show pppoe client id 2
Example
Client ID:2
Output
Client Name:pppoe2
Client User Name:aaaa
Client Password:**
Client Interface:eth0
Use Peer As Default Gateway:on
Use Peer DNS:on
Client Status:Connecting...
Comments To save changes you must run save config
Configuring Network Connection Interface

Description Configure physical interfaces
set interface <IF>
Syntax ipv4-address <IP>
mask-length <Mask>
subnet-mask <Mask>
ipv6-address <IP> mask-length <Mask>
ipv6-autoconfig <on | off>
comments <Text>
mac-addr <MAC>
mtu <MTU setting>
state <on | off>
link-speed <Speed_Duplex>
auto-negotiation <on | off>
show interfaces all

interface
Parameters Configures a physical or virtual interface
ipv4-address Assigns the IPv4 or IPv6 address

ipv6-address
ipv6-autoconfig If on, automatically gets the IPv6 address from the DHCP
mask-length Configures IPv4 or IPv6 subnet mask length using CIDR ( /xx)
notation
subnet-mask Configures IPv4 subnet mask using dotted decimal notation
comments Adds free text comments to an interface definition
mac-addr Configures the interface hardware MAC address
mtu Configure the Maximum Transmission Unit size for an interface
state Sets interfaces status to on (enabled) or off (disabled).
link-speed Configures the interface link speed and duplex status

auto- Configures automatic negotiation of interface link speed and

negotiation duplex settings - on (enabled) or off (disabled)
<IP>
Parameter IPv4 or IPv6 address
Values
<IF>
Interface name
<Mask>
Interface net mask in dotted decimal or CIDR (/xx) notation as
applicable
<MAC>
Manually enter the applicable hardware address
<MTU Setting>
Integer greater or equal to 68 (Default = 1500)
<Speed_Duplex>
Enter the link speed in Mbps and duplex status using one of
these values:
10M/half
10M/full
100M/half
100M/full
1000M/full
10000M/full
set interface eth2 ipv4-address 40.40.40.1 subnet-mask 255.255.255.0
Examples
set interface eth2 mtu 1500
set interface eth2 state on
set interface eth2 link-speed 1000M/full
Comments There are some command options and parameters that you cannot do using the WebUI.
reboot.
Set Management Connection

Description Set or show the interface to the management server.
set management interface <interface name>
Syntax show management interface
Static-Route
Set Default Gateway
Description Set the default gateway.
set static-route default nexthop gateway address <GW IP> on|off
Syntax
Parameter nexthop Defines the next hop path.
address Identifies the next hop gateway by its IP address.
on Adds the specified route or next hop.
off Deletes the specified route or next hop. If you specify a next hop, only
the specified path is deleted. If no next hop is specified, the route and
all related paths are deleted.

<GW IP>
Values Gateway IP address in dotted decimal format without a net mask.
set static-route default nexthop gateway address 192.0.2.1 on
Examples
IPv4
You only use the set operation with the static-route command, even when adding or deleting a static
route.
Description Add, change or delete an IPv4 static route.

set static-route <Destination>
Syntax nexthop gateway address <GW IP> [priority ] on|off
nexthop gateway logical <GW IF> [priority ] on|off
nexthop blackhole
nexthop reject
set static-route <Destination> off
set static-route <Destination> rank <0-255>
Parameter nexthop Defines the next hop path, which can be a gateway, blackhole or
reject.
gateway Accepts and sends packets to the specified destination.
blackhole Drops packets, but does not send an error message.
reject Drops packets and sends an error message to the traffic source.
address Identifies the next hop gateway by its IP address.
logical Identifies the next hop gateway by the interface that connects to it. Use
this option only if the next hop gateway has an unnumbered interface.
priority Assigns a path priority when there are many different paths. The
available path with the lowest priority value is selected.
on Adds the specified route or next hop.
rank Selects a route when there are many routes to a destination that use
different routing protocols. The route with the lowest rank value is
selected.
Use the rank keyword in place of the nexthop keyword with no other
parameters.
<Destination>
Values Destination IP address using dotted decimal/mask length (slash)
notation. You can use the default keyword instead of an IP address
when referring to the default route.
<GW IP>
Gateway IP address in dotted decimal notation in dotted decimal format
without a net mask.
<GW IF>
Name of the interface that connects to the next hop gateway.

Priority. An integer between 1 and 8 (default=1).
<Rank Value>
Rank. An integer between 0 and 255 (default=0).

set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on

Examples set static-route 192.0.2.100 nexthop gateway address 192.0.2.18 off
set static-route 192.0.2.0/24 off
set static-route 192.0.2.100 nexthop blackhole
set static-route 192.0.2.0/24 rank 2
Comments There are no add commands for the static-route feature. To show static routes, run
show route static
IPv4 static routes can also be configured through Gaia WebUI > IPv4 Static Routes page.
IPv6
This section includes a complete command reference for the ipv6 static-route command. You can
only use the set operation with this command, even when adding or deleting a static route.
Description Add, change or delete an IPv4 static route.

set ipv6 static-route <Destination>
Syntax nexthop gateway <GW IP>
[priority ] on|off
interface <GW IF> [priority ] on|off
nexthop blackhole
nexthop reject
off
Parameter nexthop Defines the next hop path.
on Enables the specified route or next hop.
gateway Accepts and sends packets to the specified destination.
blackhole Drops packets, but does not send an error message.
reject Drops packets and sends an error message to the traffic source.
interface Identifies the next hop gateway by the interface that connects to it. Use
priority Assigns a path priority when there are many different paths. The
available path with the lowest priority value is selected. The gateway
with the lowest priority value is selected.
<Destination>
Value Destination IP address.
<Route Type>
gateway - Accepts and sends packets to the specified destination
reject - Drops packets and sends an error message to the traffic
source
blackhole - Drops packets, but does not send an error message-
<GW IP>
Identifies the next hop gateway by its IP address.
<GW IF>
Identifies the next hop gateway by the interface that connects to it. Use

Integer value between 1 and 8 (default=1).

set ipv6 static-route 3100:192::0/64 nexthop 3900:172::1 priority 2 on

Examples
set ipv6 static-route 3100:192::0/64 nexthop 3900:172::1 interface eth3
priority 2 on
set ipv6 static-route 3100:192::0/64 nexthop off

set ipv6 static-route 3300:123::0/64 nexthop blackhole
Comments There are no add or show commands for the static route feature.
IPv6 static routes can also be configured through Gaia WebUI > IPv6 Static Routes page.
DHCP Server
Description DHCP Server commands allow you to configure the Gaia device as DHCP server for
network hosts.
Syntax To create DHCP Server subnets:

add dhcp server subnet VALUE
netmask VALUE
include-ip-pool start VALUE end VALUE
exclude-ip-pool start VALUE end VALUE
To change DHCP Server subnet configurations:

set dhcp server subnet VALUE
enable
disable
include-ip-pool VALUE enable
include-ip-pool VALUE disable
exclude-ip-pool VALUE enable
exclude-ip-pool VALUE disable
default-lease VALUE
max-lease VALUE
default-gateway VALUE
domain VALUE
dns VALUE
To delete DHCP Server subnets:

delete dhcp server subnet VALUE
exclude-ip-pool VALUE
include-ip-pool VALUE
To enable or disable the DHCP Server process:

set dhcp server
disable
enable
To view DHCP Server configurations

show dhcp server
all
status
subnet VALUE ip-pools
subnets


subnet VALUE The IPv4 address of the DHCP subnet on an Ethernet interface of
the Gaia device. Hosts behind the Gaia interface get IPv4
addresses from address pools in the subnet. For example,
192.0.2.0
netmask VALUE The IPv4 subnet mask in CIDR notation. For example,
24
start VALUE The IPv4 address that starts the allocated IP Pool range. For
example 192.0.2.20
end VALUE The IPv4 address that ends the allocated IP Pool range. For
example 192.0.2.90
include-ip-pool The range of IPv4 addresses to include in the IP pool. For example
VALUE 192.0.2.20-192.0.2.90
exclude-ip-pool The range of IPv4 addresses to exclude from the IP pool. For
VALUE example: 192.0.2.155-192.0.2.254
enable Enable the DHCP Server subnet, or the DHCP Server process
(depending on the context).
disable Disable the DHCP Server subnet, or the DHCP Server process
(depending on the context).
default-lease The default lease in seconds, for host IPv4 addresses. This is
VALUE applied only if clients do not request a unique lease time. If you do
not enter a value, the configuration default is 43,200 seconds.
max-lease VALUE The maximum lease in seconds, for host IPv4 addresses. This is
the longest lease available. If you do not enter a value, the
configuration default is 86,400 seconds.
default-gateway The IPv4 address of the default gateway for the network hosts
VALUE
domain VALUE The domain name of the network hosts. For example,
example.com.
dns VALUE The DNS (Domain Name Service) servers that the network hosts
will use to resolve hostnames. Optionally, specify a primary,
secondary and tertiary server in the order of precedence. For
example
192.0.2.101, 192.0.2.102, 192.0.2.103
all All DHCP server configuration settings.
subnets DHCP Server subnet configuration settings.
subnet VALUE The IP pools in the DHCP Server subnet, and their status: Enabled
ip-pools or Disabled.
status The status of the DHCP Server process: Enabled or disabled.

gw-9403be> show dhcp server all
Example

DHCP Server Enabled

Output
DHCP-Subnet 192.0.2.0
State Enabled
Net-Mask 24
Maximum-Lease 86400
Default-Lease 43200
Domain example.com
Default Gateway 192.0.2.103
DNS 192.0.2.101, 192.0.2.102, 192.0.2.103
Pools (Include List)
192.0.2.20-192.0.2.90 : enabled
192.0.2.120-192.0.2.150 : disabled
Pools (Exclude List)
192.0.2.155-192.0.2.254 : enabled
State Disabled
Net-Mask 24
Maximum-Lease 86400
Default-Lease 43200
Pools (Include List)
192.0.2.10-192.0.2.99 : enabled
State Disabled
Net-Mask 24
Maximum-Lease 86400
Default-Lease 43200
Comment DHCP servers can also be configured through Gaia WebUI > DHCP Server page.
DHCP Relay Configuration

Configure DHCP Relay with the bootp command. This is a quick reference. See the Gaia Administration
Guide to learn more.
Use these commands to configure BOOTP properties for specific interfaces.
set bootp interface <if_name>
primary ip_address wait-time <0-65535> on
relay-to ip_address <on | off>
off
Parameter Description
primary The ip_address to stamp as the gateway address on all BOOTP requests.
ip_address
wait-time The wait-time value is the minimum seconds to wait before forwarding a bootp request. A
<0-65535> client-generated bootp request includes the elapsed time after the client began to boot. The
on bootp relay does not forward the request until the indicated elapsed time at least equals the
specified wait time. This delay lets a local configuration server reply, before it relays to a
remote server.
relay-to The server to which BOOTP requests are forwarded. You can specify more than one
ip_address server.
<on | off>
off Disables BOOTP on the specified interface.
Comment DHCP Relay can also be configured through Gaia WebUI > DHCP Relay page.

Configuring the System for the First Time
Export Setup
You can export the management setup to a file.
1. Log in to expert mode.
2. Run: $FWDIR/bin/upgrade_tools/upgrade_export -n /var/tmp/cpexport
The setup is saved at: /var/tmp/cpexport.tgz
Hardware Monitoring
In SecurePlatform sysconfig, you can enable or disable hardware monitoring. In Gaia, it is always enabled. If
you want to turn it off, contact Check Point Technical Support.
Configuring the System for the First

Time
You can configure Gaia the first time with different methods:
Interactive web based wizard
Non-interactive command line
The command line option uses the config_system command. The input is a configuration file that
automates first time configuration.
Important - config_system is NOT intended for ongoing system configuration. It is only for the
first configuration.
To create the configuration file:

1. Run: config_system --create-template <template_file>
This creates a template for the input file.
2. Edit the template file. Use the field descriptions to see what the values should be for your system.
3. Run: config_system --config-file <config_file> --dry-run
This lets you see that the configuration file is valid.
To configure the system using the configuration file:
Run: config_system --config-file <config_file>
To see config_system usage, run: config_system -help

Sysconfig To Gaia CLI: Technical Reference Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Sysconfig To Gaia CLI: Technical Reference Guide

Uploaded by

Copyright:

Available Formats

Sysconfig to Gaia CLI

Technical Reference Guide

16 October 2012 First release of this document

Important Information .............................................................................................3

SecurePlatform sysconfig to Gaia

Option Description See Gaia equivalent command

1) Host Name Set or show hostname. Host Name (on page 6)

2) Domain Name Set or show domain Domain Name (on page 6)

3) Domain Name Servers Add, remove, or show DNS (on page 6)

5) Network Connections Add, remove, or show Interface (on page 9)

6) Routing Add, remove or show Static-Route (on page 15)

Sysconfig to Gaia CLI Technical Reference Guide | 5

Sysconfig to Gaia CLI Technical Reference Guide | 6

NTP, Time, Date

Syntax To monitor and troubleshoot your NTP implementation:

To add a new NTP server:

Parameters Parameter Description

secondary The host name or IP address of the secondary NTP server.

version The version number of the NTP server (from 1 to 4).

server Keyword that identifies the NTP server.

Example show ntp servers

Sysconfig to Gaia CLI Technical Reference Guide | 7

Parameters Parameter Description

Example show clock

Output Thu Oct 6 15:20:00 2011 IST

Parameters Parameter Description

Example set date 2012-08-10

Parameters Parameter Description

<time of day> The current system time in HH:MM:SS format

Example show time

Sysconfig to Gaia CLI Technical Reference Guide | 8

set timezone <Area> / <Region>

Parameters Parameter Description

<Region> Region within the specified area.

Example set timezone America / Detroit

2) VLAN 6) PPPoE connection

3) Bridge 7) PPTP connection (not in Gaia)

4) Bond 8) ISDN connection (not in Gaia)

Option See Gaia equivalent command

1 Add or Delete Alias (on page 9)

2 Add or Delete VLAN (on page 10)

3 Add or Delete Bridge (on page 11)

4 Add or Delete Bond (on page 11)

5 Add or Delete Loopback (on page 12)

6 Add or Delete PPPoE (on page 13)

general Configuring Network Connection Interface (on page 14)

Add or Delete Alias

Sysconfig to Gaia CLI Technical Reference Guide | 9

Parameter <IP> IPv4 address

<Mask> IPv4 subnet mask length using CIDR ( /xx) notation

Add or Delete VLAN

Description Use these commands to configure bridge interfaces.

ipv4-address Assign an IPv4 address

ipv6-address Assign an IPv6 address

ipv6-autoconfig Automatically configure an IPv6 address

on Enable automatic configuration

off Disable automatic configuration

Values <IF> Physical interface related to this VLAN

<VLAN ID> VLAN identifier (integer range 1-4094)

<IP> IP address (IPv4 or IPv6)

<Length> Mask length (integer value)

set interface eth1.99 ipv6-address 209:99:1 mask-length 64

delete interface eth1 vlan 99