Monday, May 2, 2016

Check Point Firewall: Last Day On The Job Experience

I thought I would post about a data center move experience I had.  I'm missing this blogging thing, and I'll probably be coming back some while I get settled in at the new job. 
Its funny to me, that sometimes your last day at your employer can be one of the most pressured days. I had a customer that was doing a large data center move over the weekend.  New gear in the data center and then moving a large number of servers and some partial existing network gear for special purpose situations.  There were two of us that has split up some security roles between us.  My goal was to get the HA pair of Check Points up and running while the other engineer worked on a couple of other things in the network.  Well, we both ran into issues that we didn't necessarily need that night.  His BlueCat DHCP management server ended up with a corrupted database during the physical move and one of my HA Check Point enforcement modules started going non-responsive.  Both of us had to do reinstalls.  Him the BlueCat management server and me the primary Check Point enforcement module (4800).  It seems things always seem to go like this in an important move.
So, for my part in this.  During my troubleshooting of this enforcement module, I was not getting anywhere really fast.  So I decided to get the other enforcement module up and running, which I did.  Then I came back to the primary enforcement module and did a reinstall from scratch on it.
Boot to USB, do the install.
Go through the initial setup for IP connectivity and establish SIC.
Make sure all physical connections are correct and push policy.
Back up and running in HA again.

It just goes to show, you never know what to expect on a move like this.


  1. Thanks for sharing. Projects, like beings, have a life of their own.

  2. I dig your blogs man, especially on Brocade's, glad you're back at it.


Your comment will be reviewed for approval. Thank you for submitting your comments.