| How to manually upgrade from FireWall-1 3.0 to FireWall-1 4.0 (Steps can also apply to any other version upgrade.) |
| Manual upgrade is accomplished by creating a fresh installation of
the new version and importing/merging critical files from the old version.
Before performing the following, test the current system for proper
functionality/operation by creating a temporary firewalled object and
installing a test policy of Accept All or Drop All rule. This will ensure
working Putkeys. NOTE: If you are upgrading from a UNIX box to an NT box be sure to convert the text files from UNIX ASCII to Windows NT 4.0 ASCII and then transfer them to the new box. There are commands on the UNIX boxes called dos2unix and unix2dos to the ASCII dos to UNIX conversion The easiest way is to FTP from the UNIX machine to Windows NT box in ASCII mode. *Also note: that these steps can also be used to perform Disaster recovery from Backup and /or To rebuild a Firewall or Management Station. 1) Backup the following text files; better yet, the whole system at level zero dump. $FWDIR/conf/objects.* $FWDIR/conf/*.W $FWDIR/conf/*.pf $FWDIR/conf/*.fws $FWDIR/conf/fwauth.NDB* $FWDIR/state/*.* $FWDIR/database/*.* 2) To transfer the User database from the old FireWall to the new FireWall, # $FWDIR/bin/fw dbexport -f outfile.txt then, C:> %systemroot%/bin/fw dbimport -f outfile.txt 3) fw confmerge obj40.C obj30.C > objects.C Which merges 4.0 objects.C and 3.0 objects.C into the file objects.C. The proper procedure for performing this merge is as follows: 1.Stop the FireWall (fwstop). 2.Make a backup of the $FWDIR/conf directory. 3.Copy your objects.C files into a temp directory, giving them different names (e.g. objects40.C, objects30.C). 4.Run the command 'fw confmerge objects40.C objects30.C > objects.C' 5.Remove objects.C, objects.C.sav, objects.C.bak from $FWDIR/conf 6.Copy the new objects.C file into $FWDIR/conf. 7.Start the FireWall (fwstart). 4) See the file $FWDIR/state/local.fc for the last Security Policy installed. To rebuild the rulebases.fws: fwstop (WinNT) $FWDIR\bin\fw m -g $FWDIR\conf\rulebase.W (UNIX) $FWDIR/bin/fwm -g $FWDIR/conf/rulebase.W fwstart 5) The only objects.C file should be the one from $FWDIR/conf/ subdir. |
-----Original Message-----
From: Don Guyer [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 18, 2000 10:32 AM
To: Fw-1-Mailinglist (E-mail)
Subject: RE: [FW1] 4.0 to 4.1 SP1 UpgradeBackup the Firewall, pray and then start the upgrade...................
Other than that, look on the CD-ROM, or within the files you downloaded.
-----Original Message-----
From: Andy David [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 18, 2000 9:59 AM
To: fw-1-mailinglist@lists. us. checkpoint. com (E-mail)
Subject: RE: [FW1] 4.0 to 4.1 SP1 Upgrade
Its all on the Checkpoint site in the downloads section
Andy David
Egis, Inc. / J. Muller International
-----Original Message-----
From: Vaughan, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 18, 2000 8:40 AMTo: fw-1-mailinglist@lists. us. checkpoint. com (E-mail)
Subject: [FW1] 4.0 to 4.1 SP1 Upgrade
Does anyone have or know where to find some papers on what I need to do to
perfom the upgrade?Thanks,
Jeff Vaughan, MCSE CCSA
Network Engineer
www.homeloan.com
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
