On Sat, Mar 6, 2010 at 12:21, Gareth Williams <[email protected]> wrote: > Hi Dave, > > I am not sure whether you are aware but R55/56 is no longer supported so you > may not be able to raise a case with Checkpoint TAC. Unfortunately if you > rebuild the management server and restore the backup that you currently have > it will NOT realise that the enforcement module has a newer policy and allow > you to restore from the gateway. If you do restore your backup and your > firewall reboots etc it will try and fetch policy from the management > server, in this case it may take the old policy. I am not sure how many > changes you have made since your last backup or how big your environment is, > but restoring that backup is probably going to be your best bet, short of > starting from scratch. If the management server only manages one firewall > you could take a "cpinfo" from the firewall and open it in "infoview" (not > sure if this is publicly available). This will allow to view the gateways > policy in smartdashboard and assist your in recreating any changes if you > decide to restore from backup. >
If he does restores the backup, he will have two options: - update the backup to match the current state as best as he can: from trouble tickets, e-mail with requested modifications and so on. - push the old policy and wait for people to screm when things break and fix them :) > Is it a case that the hard disks from the management server are completely > dead? If you can access the disks at all it may be possible to copy certain > key files in order to restore your management! > He can setup a new machine, run an upgrade_export on it, see what files the utility backs up and try to salvage those files from the dead disk(s) and archive them to create a self-made upgrade_export file and hope for the best when he'll run upgrade_import on the new smartcenter server. Eugeniu Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
