smartupdate license repository commands

Revision as of 12:51, 23 June 2018 by Nighthawk (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Check Point Profressional Services

License Database/repository Operations:

taken from R77 CP_R77_CLI_ReferenceGuide.pdf


cplic db_print - Print licenses in database/repository

Description Displays the details of Check Point licenses stored in the license repository on the Security Management Server.

cplic db_print <object name | -all> [-n noheader] [-x print signatures] [-t type] [-a attached]

cplic db_add - add license to device or repository

Description Used to add one or more licenses to the license repository on the Security Management server. When local license are added to the license repository, they are automatically attached to its intended Check Point gateway, central licenses need to undergo the attachment process(using cplic put).

cplic db_add < -l license-file | host expiration-date signature SKU/features >

cplic get - retrieve/sync repo with remote gateways

Description The cplic get command retrieves all licenses from a Security Gateway (or from all Security Gateways) into the license repository on the Security Management Server. This command helps you to synchronize the repository with the Check Point Security Gateways. When the command is run, all local changes are updated.

cplic get {<ipaddr>|<hostname>|-all} [-v41]

example: pretend there was a hardware failure, and RMA was performed, the new firewall is up and running backup config produced by clish "show configuration" as run on the failed device prior to failure. the backup config doesn't include the license. this is the job of the license repository/database on the management device (smartcenter or provider-1 CMA). however; it will show as attached to the firewall because that was the last license status before the failure. so, to "detach" it in the repo we can run the command as follows...

[Expert@chkpmgr1:0]# cplic get chkpfw1
Getting licenses from chkpfw1 ...
Retrieved 1 licenses
Detached 1 licenses
Removed 0 licenses

cplic put - add local or attach license remotely

Description Use the cplic put command to attach one or more central or local license remotely. When this command is executed, the license repository is also updated.

cplic put <object name> [-ip dynamic ip] [-F <output file>] -l <license-file> [<host>] [<expiration date>] [<signature>] [<SKU/feature>

cplic del - delete license from repo

WARNING - use with care! deleting a license from an online gateway can cause an outage.
Description Delete a single Check Point license on a host, including unwanted evaluation, expired, and other licenses. Used for both local and remote machines

 cplic del [-F <output file>] <signature> <object name>