ssh tunneling r80.x smartconsole GUI

From cpwiki.net
Jump to: navigation, search
Check Point Profressional Services

Contents

disclaimer

this is not a recommended or secure configuration for production systems!

sshd_config

modify the line

AllowTcpForwarding no

to

AllowTcpForwarding yes

and restart sshd

/etc/init.d/sshd restart

ssh tunnel commands

Main GUI connection - port 19009

# ssh -f -N -L <relay_host>:19009:<r80_mgmt_svr>:19009 username@<r80_mgmt_svr>

CRL download - port 18264

# ssh -f -N -L <relay_host>:18264:<r80_mgmt_svr>:18264 username@<r80_mgmt_svr>

ICA connection - port 18190 - needed for manipulating objects which have SIC attributes

# ssh -f -N -L <relay_host>:18190:<r80_mgmt_svr>:18190 username@<r80_mgmt_svr>

GUI connection

lauch the smartconsole and specify the <relay_host> ip or hostname as the destination