Nokia - Installing HFA30 onto a Diskless / Flash based Check Point Firewall
The following steps will allow HFA30 to install on flash based system if the /opt has less then 400mb.
Before we start you should ideally have the following free,
- /opt = 212184
- /prevserve = 480694
tar xzvf ~/VPN-1_R65_HFA_30.ipso.tgz
The output from df -k should now show over 400MB (400,000KB) available on /opt.
Alternative way to install HFA30 Install onto Diskless Nokia’s (1GB FLASH)
The alternative is to copy a R65 HFA30 tgz from a IPSO device which has already been upgraded to HFA30 to the installed package folder of your device you are wanting to upgrade. Due to it being the same name, once the device has been rebooted the bootmgr will decompress and run the R65 HFA30 package.
The R65 HFA30 file can be found on a IPSO device currently running R65 HFA 30 in /opt/packages/installed/fw1_R65_IPSO.tgz
It is important that you confirm the file that you are copying across is the same as the existing file on the device. The first option is just to gain an overview of what’s running on the system.
- clish -c "show package active"
- ipso[admin]# ls /opt/packages/installed/
What are the steps ?
Note that pscp is scp putty, which is used to transfer the file. To download this free program please visit the putty website.
- ipso[admin]# cpstop
- pscp fw1_R65_IPSO.tgz [username]@[fw ip]:/opt/packages/installed
- Confirm that the new package has copied across correctly ipso[admin]#gzip –t –v /opt/packages/installed/fw1_R65_IPSO.tgz
- Reboot the device
- Confirm that the device is now running HFA30 - ipso[admin]#fw ver