Professional Documents
Culture Documents
CP R80.30 GA SmartProvisioning AdminGuide
CP R80.30 GA SmartProvisioning AdminGuide
cpconfig
cplic
mdsenv <
>.
LSMenabler on
Check Point services should be restarted. Restart now
(y/n) [y] ?
LSMenabler -r on
cpstop
cpstart
cpconfig
LSMenabler on
https://<IP_address>
https://<IP_address>:981
https://<IP_address>:4434
cpconfig
LSMcli < > < > < > Convert Gateway VPN1 < >
< >
LSMcli < > < > < > Convert Gateway CPSG80
< > < >
LSMcli < > < > < > Convert Gateway VPN1Edge < >
< >
CN=gw-name, O=Management-domain-name
LSMcli < > < > < > Convert ROBO VPN1 < >
LSMcli < > < > < > Convert ROBO VPN1Edge < >
Note: There is no default route since
no Internet connection is enabled.
vpn_route.conf
vpn_route.conf
/var/opt/CPmds-R80.30/customers/<Domain Management
Server_name>/CPSG80CMP-R80.30/conf/vpn_route.conf
/opt/CPmds-R80.30/customers/<Domain Management
Server_name>/CPsuite-R80.30/fw1/conf/vpn_route.conf
/opt/CPSG80CMP-R80.30/conf/vpn_route.conf
/opt/CPsuite-R80.30/fw1/conf/vpn_route.conf
LSMenabler on
vpn_route.conf
vpn_route.conf
vpn_route.conf
AddROBO VPN1Cluster
fw fetch_robo -n -f
<prefix>cluster<suffix>
cpconfig
cplic
LSMenabler -r on
cpstop
cpstart
cpconfig
ROBO Interfaces External
LSMenabler on
LSMcli [-d] <Server> <User> <Pswd> <Action>
[-d]
LSMcli [-d] < > < > < > AddROBO VPN1 < > < >
[-RoboCluster=< >] [-O=< > [-I=< >]] [[-CA=< >
[-R=< >] [-KEY=< >]]]
[-D]:< >=< >
[-< >] [-D]:...]]
AddROBO VPN1
server
user
pswd
ROBOName
Profile
OtherROBOName
-RoboCluster
ActivationKey
IP
CaName
CertificateIdentifie
r#
AuthorizationKey
DynamicObjectName
IP1-IP2
FirstDO
LSMcli mySrvr name pass AddROBO VPN1 MyRobo AnyProfile -O=MyPass
-I=10.10.10.1 -DE:FirstDO=10.10.10.5 -CA=OPSEC_CA -R=cert1233 -KEY=ab345
LSMcli [-d] < > < > < > AddROBO VPN1Edge< > < >
< >
[-RoboCluster=< >] [-O=< >] [[-CA=< >
[-R=< >][-KEY=< >]]]
[-F=LOCAL|DEFAULT|< >]
[-M=< >] [-K=< >] [-D[E]:<D.O. name>=< >[-< >] [-D[E]:...]]
server
user
pswd
RoboName
Profile
ProductType
OtherROBOName
-RoboCluster
RegistrationKey
CaName
CertificateIdentifier#
AuthorizationKey
Firmware-name
MAC
ProductKey
DO Name
E LSMcli
ModifyROBOManualVPNDomain
Ip1-Ip2
MyRobo
AnyProfile MyRobo
LSMcli mySrvr name pass AddROBO VPN1Edge MyRobo AnyProfile IP30 -O=AnyRegKey
-F=DEFAULT – M=00:08:AA:BB:CC:DD -K=123456-ABCDEF-ABC123
LSMcli mySrvr name pass AddROBO VPN1Edge MyRobo AnyProfile SBox-100
-F=Safe@_Safe@_3.0.23_Generic_Safe@_fcs
LSMcli [-d] < > < > < > ModifyROBO VPN1 < > [
ModifyROBO VPN1
server
user
pswd
RoboName
Profile
OtherROBOName
-RoboCluster
-NoRoboCluster -NoRoboCluster
ModifyROBO VPN1
DO Name
IP1-IP2
-KeepDOs
LSMcli
server
user
pswd
RoboName
Profile
ProductType
OtherROBOName
-RoboCluster
-NoRoboCluster -NoRoboCluster
ModifyROBO VPN1
RegistrationKey
Firmware
MAC
ProductKey
DO Name
E LSMcli
ModifyROBOManualVPNDomain.
Ip1-Ip2
-KeepDOs
LSMcli
server
user
pswd
RoboName
FirstIP-LastIP
Index
IfOverlappingIPRangesDetected
ModifyROBOTopology VPN1
server
user
pswd
RoboName
VPNDomain
not_defined:
ShowROBOTopology
external_ip_only:
topology:
manual:
ModifyROBOManualVPNDomain
server
user
pswd
RoboName
VPNDomain
not_defined:
ShowROBOTopology
external_ip_only
topology
automatic:
manual:
[-IfOverlappingIPRangesDetected=< >]
ModifyROBOInterface VPN1
server
user
pswd
RoboName
InterfaceName
IPAddress
NetMask
IfOverlappingIPRangesDetected
server
user
pswd
RoboName
InterfaceName
IPAddress
NetMask
Enabled
HideNAT
DHCPEnabled
DHCPIpAllocation
IfOverlappingIPRangesDetected
AddROBOInterface VPN1
server
user
pswd
RoboName
InterfaceName
IPAddress
NetMask
DeleteROBOInterface VPN1
server
user
pswd
RoboName
InterfaceName
ResetSic
server
user
pswd
RoboName
ActivationKey
IP
ResetIke
server
user
pswd
RoboName
CaName
CertificateIdentifier
AuthorizationKey
LSMcli [-d] < > < > < > ExportIke < > < > < >
ExportIke
server
user
pswd
RoboName
Password
FileName
UpdateCO
server
user
pswd
Cogw
CogwCluster
Remove
server
user
pswd
RoboName
ID
Show
-N
-F
n
b
c
i
t
v
p
g
l
s
k
d
LSMcli [-d] < > < > < > ShowROBOTopology < >
ShowROBOTopology
server
user
pswd
RoboName
ModifyROBOConfigScript
Usage
LSMcli [-d] < >< >< > ModifyROBOConfigScript VPN1Edge < >
< >
Parameters
ModifyROBOConfigScript
server
user
pswd
RoboName
inputScriptFile
Example
LSMcli mySrvr name pass ModifyROBOConfigScript VPN1Edge MyRobo myScriptFile
Usage
LSMcli [-d] < > < > < > ShowROBOConfigScript VPN1Edge < >
Parameters
ShowROBOConfigScript
server
user
pswd
RoboName
Example
LSMcli mySrvr name pass ShowROBOConfigScript VPN1Edge MyRobo
VerifyInstall
Install
uninstall
LSMcli [-d] < > < > < > VerifyInstall < > < > < >
< > < >
VerifyInstall
server
user
pswd
RoboName
Product
Vendor
Version
SP
LSMcli mySrvr name pass VerifyInstall MyRobo firewall checkpoint NG_AI fcs
VerifyInstall
LSMcli [-d] < >< >< > Install < >< >< >< >
< >
[-P=Profile] [-boot] [-DoNotDistribute]
Install
server
user
pswd
RoboName
Product
Vendor
Version
SP
Profile
boot
-DoNotDistribute
LSMcli mySrvr name pass Install MyRobo firewall checkpoint NG_AI fcs
-P=AnyProfile -boot
ShowInfo
LSMcli [-d] < > < > < > Uninstall < > < > < > < >
< >
[-P=Profile] [-boot]
Uninstall
server
user
pswd
ROBO
Product
Vendor
Version
SP
Profile
boot
LSMcli mySrvr name pass Uninstall MyRobo firewall checkpoint NG_AI fcs -boot
LSMcli [-d] < > < > < > Distribute < > < > < >
< > < >
Distribute
server
user
pswd
RoboName
Product
Vendor
Version
SP
LSMcli mySrvr name pass Distribute MyRobo fw1 checkpoint NG_AI R54
LSMcli [-d] < > < > < > VerifyUpgrade < >
VerifyUpgrade
Upgrade
server
user
pswd
RoboName
Profile
boot
LSMcli [-d] < > < > < > GetInfo < >
GetInfo
server
user
pswd
RoboName
LSMcli [-d] < > < > < > ShowInfo < >
ShowInfo
server
user
pswd
VPN1EdgeRoboName
LSMcli [-d] < > < > < > Stop < >
Stop
server
user
pswd
Robo Gateway
LSMcli [-d] < > < > < > Start < >
Start
server
user
pswd
Robo Gateway
LSMcli [-d] < > < > < > Restart < >
Restart
server
user
pswd
Robo Gateway
LSMcli [-d] < > < > < > Reboot < >
Reboot
server
user
pswd
Robo Gateway
LSMcli [-d] < > < > < > PushPolicy < >
PushPolicy
server
user
pswd
Robo Gateway
LSMcli [-d] < > < > < > PushDOs < >
PushDOs
server
user
pswd
RoboName
GetStatus
server
user
pswd
Robo Gateway
server
user
pswd
Name
CO
Force
LSMenabler –r off
LSMenabler on
server
user
pswd
Name
Profile
EXT
INT
DMZ
AUX
NoRestart
Force
LSMenabler –r on
LSMcli mySrvr name pass Convert Gateway VPN1 MyGW MyProfile –E=hme0 –I=hme1
–D=hme2 -Force
LSMcli [-d] < > < > < > Convert ROBO VPN1Edge < >
server
user
pswd
Name
server
user
pswd
Name
Profile
AddROBO VPN1Cluster
AddROBO
VPN1Cluster
< >
Profile
MainIPAddress
SuffixName
SubstitutedName
Part
CAName
KeyIdentifier#
AuthorizationCode
ModifyROBO VPN1Cluster
ModifyROBO VPN1Cluster
< >
ModifyROBO VPN1Cluster < > -I=< >
< >
< >
ModifyROBO VPN1Cluster
< >
< >
<D.O. Name>
< > i
ModifyROBO VPN1Cluster
< >
< >
ModifyROBONetaccess
VPN1Cluster
< >
ClusterName
InterfaceName
-InternalIP not_defined
this specific
-AntiSpoof true
AllowedGroup SpoofTrack
false
-AllowedGroup TopologyType=external AllowedGroup
TopologyType=internal AllowedGroup
<action>
< >ClusterSubnetOverride VPN1Cluster < >
< > [-IName=< >] [-MNet=< >]
[-CIP=< > -CNetMask=< >]
ModifyClusterSubnetOverride
AddClusterSubnetOverride
DeleteClusterSubnetOverride
PrivateSubnetOverride
Add|Modify|Delete
ROBOClusterName
InterfaceName
-IName
-MNet
-CIP
-CNetMask ClusterIPAddress
< >
<Add|Modify|Delete>PrivateSubnetOverride VPN1ClusterMember
< > < > [-IName=< >]
[-MNet=< >]
ModifyPrivateSubnetOverride
AddPrivateSubnetOverride
DeletePrivateSubnetOverride
Add|Modify|Delete
ROBOMemberName
InterfaceName
-IName
-MNet
< >
RemoveCluster < >
LSMcli [-d] < >< >< > AddROBO < > < >
[-O=< > [-I=< >]] [[-CA=< >
[-R=< >] [-KEY=< >]]
server
user
pswd
Appliance_Model
CPSG80
1200R
1430/1450
1470/1490
ROBOName
Profile
ActivationKey
IP
CaName
CertificateIdentifie
r#
AuthorizationKey
<Appliance_Model>Cluster
CPSG80Cluster
1200RCluster
1430/1450Cluster
1470/1490Cluster
Profile
MainIPAddress
SuffixName
SubstitutedName
Part
CAName
KeyIdentifier#
AuthorizationCode
LSMcli 192.168.3.26 aa aaaa ModifyROBO CPSG80 Paris_GW
-P=second_small_office_profile
LSMcli 192.168.3.26 aa aaaa ModifyROBO CPSG80 Paris_GW
-P=second_small_office_profile