I was trying the other day to exclude on UTM 1180 gateway some IP address and service combination from being encrypted inside VPN tunnel and noted that any changes you do to the firewall files on the CLI, in this case - crypt.def, do not take effect . It is actually …
Note: For quick reference, I put all the commands below as a cheat sheet PDF: Useful CLI commands for Cisco CUCM, Cisco Unity Connection and IM and Presence I don’t work on the command line of CUCM often, but when the need arises here is the short list of …
Today I was surprised to hear from someone who just took one of the CCNP Security exams that they still test for Reflexive access-lists - what a nostalgy. I was sure it has long been ousted by ip inspect and Zone Based Firewall, but no - it is still tested and still …
There are two ways to be warned when some license or subscription based service from Check Point is about to expire: - Every time we login into the SmartUpdate (part of the SmartConsole suite) if there are any licenses/services to expire within next 30 days we’ll see a pop …
Checkpoint has made available starting with R77.30 this helpful diagnostics and debug utility called cpview of which not many are aware. This is basically a Bash script that runs a bunch of native Checkpoint commands in the background and displays the output on the terminal while updating the data …
The new era of sha-256 (as opposed to sha-1) signed SSL certificates is slowly gaining the pace, not without a gentle push from the browser providers . And Checkpoint is catching up in its new version R77.30 for Open Servers. While on both versions - 77.20 and 77.30 cpopenssl …
Configuring SNMP in Gaia as opposed to SPLAT has been made much simpler. So simple that it is easy to overlook that default configured read-only community is public . So , it is a good idea to change it while enabling SNMP: set snmp agent on set snmp agent-version any set snmp …
via BGP to the world wordpress_id: 2027 category: Cisco tags: Cisco, Linux Once it was a nice-to-have configuration that most ISPs in the world ignored anyway, but today it is a must if you are planning to advertise your networks via BGP through your uplink provider - your route object in …
Yesterday I had to extract some data from a CDR report for a client, namely call start time, its duration and the called number. And while I am sure Google has zillion scripts to be found, it was much faster to hack this one-liner in AWK . The script extracts the …
` Hi there, not much of a script , just the one-liner to turn output of the Secure Platform cli command route/ip route list into the ready for copy&paste; list of Gaia clish commands. Be aware I am not doing any error checking, so examine the final result before applying to …