R80.10 Standalone Check Point Firewall Deployment
(for lab only)
(for lab only)
Check Point has done wonders as far as how they allow you to use their demo mode to use their SmartConsole without having to deploy your own lab.
However there isn't a good way to use the CLI through that so I'll spin up a firewall instance as a VM to get comfortable. This walkthrough is for a standalone deployment, so 1 server will act as both Firewall and Management Server.
The entire process takes less than half an hour, as can be see by the related youtube video linked below.
Pre-requirements
- System Req's for Virtual Machine
- 4GBs of RAM and 2 CPUs
- VM Player
- Check Point R80.10 iso file
1) Open VMware Workstation Player
- Choose >> Create a New Virtual Machine
2) Provide the path to your Check Point .iso image. Click Next.
3) I've had the most success choosing >> Linux 2.4x kernal 64-bit as my OS. Click Next.
4) Name your firewall, and choose the location the VM will be saved. Click Next.
11) Pick your country then Select 'OK'
12) We chose 80GB earlier which enables us to just choose OK here. No changes needed to the partition sizes.
13) Choose your admin password and Select 'OK'
14) We only have a single NIC installed, so go ahead and choose your IP settings. Then Select 'OK'
15) Select 'OK' and the server will install the base image and reload itself.
16) Once the server has reloaded you'll open up internet explorer(not by choice, its the only browser that works). and browse to the servers IP.
Click 'More Information' and then click 'Go on to the webpage' to bypass the certificate warning.
17) Login using admin and the password you chose earlier.
18) Click 'Next' to begin the Configuration Wizard
19) Click 'Next' to continue, unless you want to import a snapshot.
20) You've already configured your Network settings, so Click 'Next'
21) Choose your Servers HostName and enter your DNS Settings
22) Select your timezone, then click 'Next'
23) Choose Security Gateway and/or Security Management, click 'Next'
24) We're deploying a standalone server, so Select both Security Gateway and Security Management and Click 'Next'
25) You can create an additional admin user here. I just stick with admin and click 'Next'
26) This will give specific IPs permissions to access the Security Management Server via SmartConsole, but if you're using DHCP you may find yourself locked out. I just choose 'Any IP Address' and Click 'Next'
27) Go ahead and click 'Finish' and wait.
27a) ...and wait
28) Once the server is up you can log into it via SmartConsole.
28a) Note: You can download the SmartConsole application from the WebUI
29) Once logged in you can see you have full access to SmartConsole
30) You can also ssh into the server and to get that sweet cli experience.
I put together a video for this on Youtube. I kept the walkthrough less than 10 minutes by speeding through the slow times during the install.
All