Hello, I found the following procedure in the KB for changing the community string for a Power 1 appliance. Is it really necessary to start and stop the Firewall just to change community strings?
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk34511&js_peid=P-114a7bc3b09-10006&partition=Advanced&product=SecurePlatform, Solution Procedure: Log in to the SecurePlatform CLI. Log in to Expert Mode. Enable the SNMP service by running the command: snmp service enable Configure the SNMP daemon: Run the cpconfig command. Choose 'SNMP extensions'. Enter 'y' at the prompt and press the Enter key. At this point, both the operating system Management Information Base (MGMT branch 1.3.6.1.2.1.x) and the Check Point MIB (1.3.6.1.4.1.2620.x) are listening on port 161. To verify that the SNMP is running correctly, run the following commands in Expert mode: ps aux | grep snmp netstat -an | grep 161 ps aux | grep cpsnmp snmpwalk -c public -v2c 127.0.0.1 1.3.6.1.2.1 (to check the OS MIB) snmpwalk -c public -v2c 127.0.0.1 1.3.6.1.4.1.2620 (to check the Check Point MIB) If you do not get a response, the SNMP agent is not running correctly. The community name must be added in the $FWDIR/conf/snmp.C file. Procedure: Run the cpstop command. Open the $FWDIR/conf/snmp.C file in a text editor. Find the line::snmp_community Add the community name as the "read" value, as shown in the following example: :snmp_community ( :read (<community name>) :write ()Save and exit the file. Run the cpstart command. To change the SNMP community name both for the Check Point and OS MIB, edit the /etc/snmp/snmpd.users.conf file. For additional information regarding SNMP and SPLAT, refer to R65 SecurePlatform & SecurePlatform Pro User Guide. "The wild requires that we learn the terrain, nod to all the plants and animals and birds, ford the streams and cross the ridges and tell a good story when we get back home." Gary Snyder Please consider the environment before printing this e-mail Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway.
