Check Point Gaia Configuration Backup

Check Point support several different methods to perform a backup of security gateways running the Gaia Operating System. These include:

  • Snapshots – includes a full image of the entire root disk partition, including Check Point product, configuration, and Operating System.
  • System backup – a compressed file that contains the Check Point configuration, including network and operating system parameters, such as routing and interface configuration. Does not include the operating system, product binaries and hotfixes.
  • Save configuration – Gaia Operating System configuration settings, including interfaces, routing (static, BGP, OSPF) etc.

The save configuration method includes all the CLI commands which are useful when migrating to new hardware when you just want the CLI commands to configure the specific settings, without restoring the Check Point product or Operating System configuration. The configuration backup file is a few KB in size, compared to a snapshot which is several gigabytes in size and the system backup which is hundreds of megabytes.

Procedure

This post will cover using the save configuration method.

  • From the Gaia CLI (clish) run the command save configuration <filename>
save configuration backup.txt

The configuration settings have been saved to a file specified and can be accessed from expert mode.

  • Login to expert mode
  • Run the command dir to confirm the file exists.
[Expert@LAB5200:0]# dir
backup.txt
  • Use SCP to copy the configuration file off the gateway to an external SCP server. Run the command scp <filename> <username>@<scp server>:/
[Expert@LAB5200:0]# scp backup.txt admin@192.168.1.10:/
admin@192.168.1.10's password:
backup.txt                                    100% 7649     1.3MB/s   00:00

To import the configuration to a new appliance (or restore), copy the file backup to the gateway.

LAB5200> set clienv on-failure continue
LAB5200> load configuration backup.txt
error : xmlEncodeEntitiesReentrant : input not UTF-8
error : xmlEncodeEntitiesReentrant : char out of range
error : xmlEncodeEntitiesReentrant : input not UTF-8
error : xmlEncodeEntitiesReentrant : char out of range
error : xmlEncodeEntitiesReentrant : char out of range
error : xmlEncodeEntitiesReentrant : char out of range
error : xmlEncodeEntitiesReentrant : char out of range
Done.
LAB5200> set clienv on-failure stop
LAB5200> save config
Tags: , ,