I didn't get any replies here, so I asked this same question on the fw1-gurus list over at phoneboy and quickly got several helpful replies. I'm probably going to dump this mailing list and exclusively follow fw1-gurus list since it doesn't have tons of spam from people asking for pirated material. If you're going to steal from Check Point at least have the common courtesy to email the original thief directly instead of spamming the whole list!
All right, I'm done ranting about the high noise to signal ratio now. In case this can help anyone else the solution is that a reinstall is only necessary if you're changing the firewall's hostname. Changing the IP is not a problem. The specific steps I used to successfully change my firewall's external IP are: 1. Change all my nats to my new IP address space and save policy, but do NOT install it. This wouldn't have to be done now, but I like to get as much done ahead of time as possible. 2. Detach the firewall license in SmartUpdate (I use central licensing). 3. Change the firewall IP at the OS level (with sysconfig since I'm on SPLAT). 4. Change the firewall default route (with sysconfig since I'm on SPLAT). 5. Change the IP in SmartDashboard on the firewall object's general and topology pages. 6. Push policy. This fails since there is no license applied to the firewall, but it also causes SmartUpdate to be updated with the firewall object's new IP address. I'm not sure if this step is necessary, but it didn't seem to hurt. 7. Reattach the license to the firewall object in SmartUpdate. 8. Push policy and watch everything work! > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf > Of Jim Johnson > Sent: Thursday, June 30, 2005 4:58 PM > To: [email protected] > Subject: [FW-1] Change SPLAT IP, is reinstall really needed!? > > According to sk15403, "There is no way to simply change the > hostname and IP > address after installing SecurePlatform. It must be re-installed." I > thought that changing the external IP address was simply a matter of: > 1. Detaching the license in SmartUpdate (I use central licensing) > 2. Changing the IP at the OS level > 3. Changing the IP in SmartDashboard > 4. Reattaching the license to the firewall object > 5. Pushing policy > > Am I reading sk15403 wrong, or do I really need to reinstall > SPLAT just to > change its public IP? > > TIA, > Jim ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
