To install checkpoint Gaia on VMware in Guest operating System select the ' Linux ' and in version Select ' Other Linux 2.6x kernel 64-bit' option.Install Gaia. MS Paint, the first app you used for editing images, will probably be killed off in future updates of Windows 10, replaced by the new app Paint 3D. Microsoft lists.
In This Section: |
You can install Check Point management products on open servers that run Gaia.
Note - You must install the Gaia operating system before you use the First Time Configuration Wizard on an open server.
Installing Security Management Server on Gaia Open Servers
To install and configure Check Point products on Gaia, use the First Time Configuration Wizard or configure the operating system and install the products in the WebUI.
To configure Security Management Server on Gaia:
- Open a browser to the WebUI:
https://
<Gaia management IP address> - In the Gaia Portal window, log in with the administrator name and password that you defined during Gaia installation.
- The WebUI shows the First Time Configuration Wizard. Click Next.
- Select Continue with configuration of Gaia R80. Click Next.
- If you did not change the default administrator password, do it now. Click Next.
- Set an IPv4 address for the management interface.If you change the management IP address, the new IP address is assigned to the interface. The old IP address is added as an alias and is used to maintain connectivity.
- Enter the host name of the server.Optional:
- Enter the domain name, and IPv4 addresses for the DNS servers.
- Set the IP Address and Port for a Proxy Server.
Click Next. - Set the date and time manually, or enter the hostname and IPv4 address of the NTP server. Click Next.
- Select Security Management. Click Next.
- Enter the username and password for the Security Management Server administrator account. Click Next.
- Define IPv4 addresses from which SmartConsole clients can log in to the Security Management Server. Click Next.
- Get a license automatically from the UserCenter and activate it, or use the trial license.If there is a proxy server between the server and the Internet, enter its IP address and port.Click Next.
- Review the summary and then click Finish.
- Click Yes when prompted to start the configuration process.A progress bar tracks the configuration of each task.
- Click OK.
- If the Help Check Point Improve Upgrades (CPUSE) window shows, click Yes or No. Check Point recommends that you click Yes. Your data is never shared with third parties.
Installing Multi-Domain Server on Gaia Open Servers
To install and configure Check Point products on Gaia, use the First Time Configuration Wizard or configure the operating system and install the products in the WebUI.
To install Multi-Domain Server on a Gaia open server:
- Open a browser to the WebUI:
https://
<Gaia management IP address> - In the Gaia Portal window, log in with the administrator name and password that you defined during Gaia installation.
- The WebUI shows the First Time Configuration Wizard. Click Next.
- Select Continue with configuration of Gaia R80. Click Next.
- If you did not change the default administrator password, do it now. Click Next.
- Set an IPv4 address for the management interface.If you change the management IP address, the new IP address is assigned to the interface. The old IP address is added as an alias and is used to maintain connectivity.Click Next.
- Enter the host name of the server.Optional:
- Enter the domain name, and IPv4 addresses for the DNS servers.
- Set the IP Address and Port for a Proxy Server.
Click Next. - Set the date and time manually, or enter the hostname and IPv4 address of the NTP server. Click Next.
- Enter the username and password for the Security Management Server administrator account. Click Next.
- For Installation Type, select Multi-Domain Server. Click Next.
- For the type of server, select Primary.
- Select the leading interfaces.Leading interfaces are physical interfaces that connect to the external network. These interfaces are for Domain Server virtual IP addresses. Each leading VIP interface can have up to 250 virtual IP addresses (250 Domain Servers).
- Set the Name and Password for the Multi-Domain Server administrator account. Click Next.
- Define IPv4 addresses from which SmartConsole clients can log in to the Multi-Domain Server. Click Next.
- Get a license automatically from the UserCenter and activate it, or use the trial license.If there is a proxy server between the server and the Internet, enter its IP address and port.Click Next.
- Review the summary and then click Finish.
- Click Yes when prompted to start the configuration process.A progress bar tracks the configuration of each task.
- Click OK.
- If the Help Check Point Improve Upgrades (CPUSE) window shows, click Yes or No. Check Point recommends that you click Yes. Your data is never shared with third parties.
You can deploy Security Gateway Virtual Edition on your ESX hosts from an OVF template or from an ISO.
If you choose to install from an OVF template, the operating system for the VM is installed and configured for typical deployment. This option is faster.
If you choose to create a new Virtual Machine, you install the Security Gateway from the Check Point ISO. You install the operating system and then run the First Time Configuration Wizard.
Related Topics |
Installing Security Gateway Virtual Edition Virtual Machine
To install a new Security Gateway Virtual Edition VM from an OVF template:
- Import the OVF template and start the Deploy OVF Template wizard.
- Configure the Security Gateway Virtual Edition VM in the ESX inventory.
- Map the Security Gateway Virtual Edition VM interfaces to your network.
- Run the First Time Configuration Wizard.
Getting the Template
To get the Security Gateway Virtual Edition OVF Template:
- Download
Check_Point_Security_Gateway_R77_VE.tgz
to your vSphere Client computer. - Extract the template OVF file to a temporary folder.
Deploying the Security Gateway Virtual Edition VM
To deploy the VM and save it in the inventory:
- In the VMware vSphere client, select an ESX host.
- Select File > Deploy OVF Template. The Deploy OVF Template wizard opens.
- In the Source window, select Deploy from file.
- Enter or select the .ovf file and then click Next.
- In the OVF Template Details window, click Next.The next windows that you see depend on the template properties.
- Name and Location window - select an inventory location for the VM.
- Disk Format window - select Thick provisioned format.
- Host/Cluster window - select a host. This window only opens if there are multiple hosts or clusters.
- If the Datastore window opens, select a datastore. This window opens only if there is more than one datastore related to the host or cluster.
Configuring the Virtual Machine Settings
Before you configure the Security Gateway Virtual Edition, make sure the VM has the minimum requirements.
To configure the VM:
- Right-click the VM.
- Select Edit Settings. The Virtual Machine Properties window opens.
- Configure memory:
- Minimum to run Security Gateway Virtual Edition in 32-bit - 1024 MB. Add more to increase connection capacity.
- Minimum to run Security Gateway Virtual Edition in 64-bit - 6 GB.
- Configure Network Adapters.
Configuring Network Adapters - Mapping Interfaces
To complete import of the OVF template, map the interfaces. Security Gateway Virtual Edition is already configured with four network adapters. You can add and delete vNICs.
In the Network Mapping window, configure the default network adapters and destination networks. These are the network adapters that are configured for Security Gateway Virtual Edition by the template.
To complete OVF import:
- For each source network, select a destination network from the list. (The destination network names are examples and will be different for your deployment.)
- Click Next.
- Click Finish.It can take some time to add the Security Gateway Virtual Edition VM to the inventory.
- Continue with the First Time Configuration Wizard.
Configuring Storage
When you deploy a Security Gateway Virtual Edition R77 on Gaia from OVF, it gets this configuration:
- Swap: 2 GB
- Root: 7 GB
- Logs: 3 GB
- Backup and upgrade: 8 GB
To add more storage, increase the disk size.
Installing Security Gateway Virtual Edition from ISO
Before you begin, download the ISO file with the R77 image for the Gaia operating system to your vSphere Client computer.
To create a new R77 VM:
- In the VMware vSphere client, click File > New > Virtual Machine. The Create New Virtual Machine wizard opens.
- Select Custom Configuration.
- Enter a name, inventory location, host, destination storage, and version for the VM.
- In Guest Operating System, select Linux.
- In Version, select Other Linux (32-bit) or Other Linux (64-bit).The mode you select here must match the mode that you select during Gaia installation.
- In the CPUs window, select the number of virtual CPUs for the virtual machine.
- In the Memory window, set the memory size of the VM:
- Minimum to run Security Gateway Virtual Edition in 32-bit - 1024 MB. Add more to increase connection capacity.
- Minimum to run Security Gateway Virtual Edition in 64-bit - 6 GB.
- In the Network window, select the number of NICs to connect to the VM.
- Map the interfaces to the networks available to the ESX host.
- Use E1000 adapter for the NICs.
- Leave Connect at Power On selected.
- In the SCSI Controller window, select LSI Logic Parallel.
- In the Disk window, select Create a new virtual disk.
- In the Create a Disk window:
- Disk Size - 21 GB is required minimum
- Disk Provisioning - select Thick Provision Lazy Zeroed
- Location - select Store with virtual machine
- In the Advanced Options window, do not change the default settings (Disk Provisioning = Flat Disk, Virtual Device Node = SCSI 0:0).
- In the Ready to Complete window, select Edit the virtual machine settings before completion.
- Click Continue.The Virtual Machine Properties window opens.
To configure the new VM with required settings:
- Open the Resources Tab and select Memory.
- Increase Memory Reservation to at least 1 GB.More reserved resources increases the performance of the Security Gateway VM.
- Click Finish.
- Power on the Virtual Machine.
- Attach the ISO file with the downloaded R77 image to the VM CD/DVD drive.
- With the Virtual Machine selected, click Connect/disconnect the CD/DVD devices of the virtual machine.
- Click Connect to ISO image on local disk.
- Browse to the location of the ISO file and click Open.
- Right-click the VM and select Guest > Send Ctrl+Alt+Del.
- With the Virtual Machine selected, open the Console tab.
- Log in to the virtual machine console.The operating system installation begins automatically. See the R77 Installation and Upgrade Guide.
- Continue with the First Time Configuration Wizard.
First Time Configuration Wizard
The First Time Configuration Wizard is part of the management console, on a WebUI. Open the management console from a VM or a remote host (virtual or physical) .
- If the management console is a VM, it must be connected to the Check Point management port group.
- If the management console is a remote host, you will configure the network of the Security Gateway Virtual Edition to reach the host.
First, turn on the Security Gateway Virtual Edition VM.
To open the First Time Configuration Wizard from a different VM:
- Open the VM console.
- Open a browser to the default address of the Security Gateway Virtual Edition (
https://192.168.1.1
).The First Time Configuration Wizard starts.
To open the First Time Configuration Wizard from a remote host:
- Open the console of the Security Gateway Virtual Edition VM.
- Log in with the admin credentials (default is admin/admin).
- In clish, run:
set interface eth0 ipv4-address x.x.x.x subnet-mask x.x.x.x
- If the remote host is not on the same subnet as the Security Gateway Virtual Edition, define a default gateway:
set static-route default nexthop gateway address x.x.x.x on
- On the remote host, open a browser to the IP address of the Security Gateway Virtual Edition (
https://
<IP address>).The First Time Configuration Wizard starts.
To configure the Security Gateway Virtual Edition with the First Time Configuration Wizard:
- In the first step of the First Time Configuration Wizard, configure a new password.
- Configure the host name, domain name, and DNS server.
- Configure the date and time.
- Review the network details of the management interface and correct, if necessary.
- Select Check Point products to install.
- Select deployment:
- Standalone: Select Security Gatewayand Security Management Server. In the next steps, configure the user name and password of the administrator, and the GUI clients.
- Distributed: Select Security Gatewayand not Security Management Server. In the next steps, configure the Security Gateway Virtual Edition IP address for static or dynamic, and configure the SIC activation key.
- Configure the username of an administrator.
- Click Finish.A message shows to restart the Security Gateway.
- Click OK to restart the Security Gateway Virtual Edition now.
Completing the Installation
You must have a SmartDashboard installed on a Windows computer, and defined as a GUI client.
To install the R77 SmartDashboard:
- Browse to:
https://
<Security Gateway Virtual Edition IP address> - At Manage Software Blades using SmartConsole, click Download Now.
After the SmartDashboard is installed, use the GUI client to install the 15-day trial license, or to add a permanent license. Open SmartDashboard and install a policy on the Security Gateway Virtual Edition.
Uninstallation
![Install Checkpoint Gaia Virtualbox Images Install Checkpoint Gaia Virtualbox Images](https://i.ytimg.com/vi/7DYjT0bEwAs/maxresdefault.jpg)
To uninstall Security Gateway Virtual Edition:
- In the vSphere client, turn off the Security Gateway Virtual Edition VM.
- Delete the Security Gateway Virtual Edition from your inventory.
- Delete Security Gateways, cluster objects, and other network objects in SmartDashboard that were used with Security Gateway Virtual Edition.