Actually, this exchange reminded me that I needed to update the libsw on my Smartcenter server. :)
The libsw software needs to be updated before you push policy, if you are managing your UTM-1 Edge from your Smartcenter server. You can either update these file right before or right after the firmware upgrade on the UTM-1 Edge box. Having the wrong libsw doesn't affect the VPN, as I have proven over the last day or so. The update doesn't prompt you for a reboot, it just does it when the firmware is installed. The update process doesn't have a status bar, progress bar or anything. The steps include uploading, installing and rebooting and happen in sequence after the 'upload' button is pressed with no further intervention or participation on your part. Mick Toothaker -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of John Lindblom Sent: Thursday, June 17, 2010 2:05 PM To: [email protected] Subject: Re: [FW-1] UTM-1 Edge Software Upgrade That's good to know. I'm assuming you upgraded the Libcw files on the firewall also with no problems and can manage the Edge from the Management Server? Did you go to 8.x Libsw version on R65 prior to the Edge upgrade to 7.5 -> 8.0? Does the upgrade prompt for a reboot or something after the upgrade or does it automatically reboot? Thanks, John From: Mick Toothaker <[email protected]> To: [email protected] Date: 06/17/2010 01:29 PM Subject: Re: [FW-1] UTM-1 Edge Software Upgrade Sent by: Mailing list for discussion of Firewall-1 <[email protected]> We have a very similar environment, with R65 at our main location and a UTM-1 Edge at a distant site, and a site-to-site VPN between. I did the 7.0 -> 7.5 -> 8.0 some time ago. I connected from our main location via the VPN, and used the web interface to upload the new .bin file. It worked fine, taking about 5 minutes for each upgrade. It didn't wipe the settings out, and I didn't have to reconfigure the VPN. Yesterday I upgraded our UTM-1 Edge from 8.0.42 to 8.1.37, using the same method (and success) as before. Now, your mileage might vary. Mick Toothaker -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of John Lindblom Sent: Thursday, June 17, 2010 9:48 AM To: [email protected] Subject: Re: [FW-1] UTM-1 Edge Software Upgrade Searching the CP Knowledge Base it appears it's recommended to upgrade from 7.0 to 7.5 to 8.0 because the difference between 7.0 and 8.0 is to big and causes connection issues. It's also recommending a TFTP upgrade and what appears to be basically setting the device back to factory default first. I'm beginning to think just upgrading to 7.5.55 (supported by R71) might be the way to go at this time if going to 8.0 is such a drastic change to a device out of my reach. John From: John Lindblom <[email protected]> To: [email protected] Date: 06/17/2010 08:30 AM Subject: [FW-1] UTM-1 Edge Software Upgrade Sent by: Mailing list for discussion of Firewall-1 <[email protected]> I'm looking for recommendations from anyone that works with the UTM-1 Edge devices for Site-to-Site VPN's with remote offices. In preparation for an upgrade from an R65 SPLAT Management Server/Gateway to R71 (new hardware), I need to first get a UTM-1 Edge device I have upgraded from v7.0.33 to v8.0.42 and also Libsw files on the R65 management server/gateway. I actually have a cold spare at the remote site as a backup so I'm looking at getting that one connected and upgraded first and then the other one. My plan is to first get the Libsw files updated (backward compatible) on R65 then connect remotely to a computer at that location and do a manual upgrade from the web interface. I'm hoping I will not loose the remote connection to the PC over the VPN until I restart after the upgrade. I'm also assuming the current configuration will remain and the Site-to-Site VPN will come up with the Edge upgraded to the V8 software and then a policy install from the R65 Management Server. I have no way to test this in advance and I'm also assuming I can reconnect the second Edge with the V7.0.33 software and repeat the process to upgrade that one. John ------------------------ The information contained in this email and any attachments may contain confidential, proprietary, business sensitive, privileged or controlled information. If you are not the intended recipient, any disclosure, dissemination, distribution, duplication or other unauthorized use of the information contained in this email or any attachment is strictly prohibited. Unauthorized interception of this e-mail is a violation of law. If you are not the intended recipient, please notify the sender by reply email and immediately and permanently delete this mail and any attachments and any copies of them. Technical data and/or information provided in this email or any attachment may be subject to U.S. export control laws. Export, re-export, diversion or disclosure contrary to U.S. law is prohibited. It is your responsibility to check this email and any attachments for viruses or other harmful code before opening or forwarding. ------------------------ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ------------------------ The information contained in this email and any attachments may contain confidential, proprietary, business sensitive, privileged or controlled information. If you are not the intended recipient, any disclosure, dissemination, distribution, duplication or other unauthorized use of the information contained in this email or any attachment is strictly prohibited. Unauthorized interception of this e-mail is a violation of law. If you are not the intended recipient, please notify the sender by reply email and immediately and permanently delete this mail and any attachments and any copies of them. Technical data and/or information provided in this email or any attachment may be subject to U.S. export control laws. Export, re-export, diversion or disclosure contrary to U.S. law is prohibited. It is your responsibility to check this email and any attachments for viruses or other harmful code before opening or forwarding. ------------------------ Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ------------------------ The information contained in this email and any attachments may contain confidential, proprietary, business sensitive, privileged or controlled information. If you are not the intended recipient, any disclosure, dissemination, distribution, duplication or other unauthorized use of the information contained in this email or any attachment is strictly prohibited. Unauthorized interception of this e-mail is a violation of law. If you are not the intended recipient, please notify the sender by reply email and immediately and permanently delete this mail and any attachments and any copies of them. Technical data and/or information provided in this email or any attachment may be subject to U.S. export control laws. Export, re-export, diversion or disclosure contrary to U.S. law is prohibited. It is your responsibility to check this email and any attachments for viruses or other harmful code before opening or forwarding. ------------------------ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
