Check Point NG FP3 step-by-step Install guide on NOKIA IPSO
By Brandon E. Robrahn
INTRO
This document is to be used as a reference on how to install a NOKIA IP350 with Check Point NG FP3. In this
document I have provided a step-by-step reference guide on loading a NOKIA IP350 with IPSO version
3.7.1Build010, and Check Point version NG FP3. Voyager and command line were both used in this guide; this is
just one way that a NOKIA device can be configured as a Check Point Firewall. Not all of the patches and hot fixes
for these versions are shown in this document. There was only one patch applied to this device, this was simply to
show how to apply it to the NOKIA. The two vulnerabilities that have to be addressed when using this version of
Check Point and IPSO are:
1. Hot fix Accumulator 325
2. Open SSL vulnerability
After using this document as a reference guide (not a configuration guide), you should be able to put the device in
line and connect it to a management server with out any issues. This document guides you from entering in the
hostname of the firewall, and ends with applying the default filter and running CPCONFIG. Good luck with your
install and thanks for using this guide as a reference on how to configure a Check Point firewall.
After the start up script runs you will be prompt to enter a hostname, if you hit enter it will get rid of the text
so that you can type the hostname that you choose. Listed below is an actual screen shot taken from
Secure CRT of how an install is performed. I used
commands to configure this Firewall.
Please choose the host name for this system. This name will be used
in messages and usually corresponds with one of the network hostnames
for the system. Note that only letters, numbers, dashes, and dots (.)
are permitted in a hostname.
Hostname?
fw-test
Hostname set to "fw-test", OK? [ y ] ?
Please enter password for user admin:
Please re-enter password for confirmation:
You can configure your system in two ways:
1) configure an interface and use our Web-based Voyager via a remote
browser
2) VT100-based Lynx browser
Please enter a choice [ 1-2, q ]:
Select an interface from the following for configuration:
1) eth1
2) eth2
3) eth3
4) eth4
5) quit this menu
Enter choice [1-5]:
1
Enter the IP address to be used for eth1:
red
y
password
password
1
10.0.0.1
text in the areas where you need to type in