Category Archives: Lab Environment

Check Point on VBox

Following up on the last post, I reinstalled Check Point SPLAT as planned. The installation again worked without any issues. This time I installed 1G of RAM and 64G of disk from the start. I used the basic RedHat profile offered by VBox. So far everything seems to be working fine. I have installed policies a couple of times and the firewall is generating log entries as expected. I only have the management interface active since I wanted to install pure IPv6 on the others… I expect that shouldn’t make a difference.

Finally, I left the firewall running overnight to see what happens when the PC goes into standby mode and VBox pauses the firewall system. In the morning I woke the PC (moved the mouse) and then connected with SmartDashboard to the firewall. Everything is working as if nothing happened, Tracker still active logging away.

Next step…  get Check Point to give me a FW-1/IPv6 license!

Check Point with IPv6

Just finished trying to get Check Point R71 running with IPv6. Funny thing about Check Point licensing, you can’t install the IPv6 Advanced feature pack unless you have a Firewall-1/VPN-1 license in your user center. I had downloaded the standard blade and security gateway evaluation licenses and these were not recognized as valid for the IPv6 pack.

Some interesting things that did work (at least for a while). Check Point SPLAT installed without any problems on VBox 3.2.8 r64453. During the installation process I selected RedHat Linux as the OS since SPLAT runs on a hardened version of RedHat. Otherwise I selected the following options: 8G disk, 1M RAM *double check*. I also added three network interfaces, Intranet, DMZ and a bridged interface to the WLAN, which I defined as the management interface and gave a static address from the WLAN range. Once complete I was able to access the Mgmt interface with a browser and complete the configuration steps. I then downloaded the GUI and connected to the local SmartCenter. I also generated licenses and installed them via the web browser with cut/paste. Finally I added a basic rule entry to allow my Windows workstation to access the firewall. Everything worked as planned, with one exception. I tried to open SmartTracker and the only entry I saw was that the disk for the log was too small. Could have something to do with the 8G disk I selected (although the installation didn’t complain). I then shut down the system and tried to add another disk under VBox to give the system an additional 32G. Unfortunately once I brought the firewall back up, I got the error message that it could not load the database when I tried to access it with the management GUI. I tried to fix the problem by resetting the applications.C file but that did not help, since I got the same error message after starting the firewall again.

Next steps… I need to reinstall the firewall, this time with 32G disk to start and see if that helps. I also need to get in touch with Check Point and see if I can’t get the test licensing worked out so that I can download the IPv6 feature pack. According to the release notes, IPv6 should have full support on R71, so I would be interested in seeing it work.

GNS3 Network Access Tips

Have been having problems with consistently accessing the Microsoft Loopback adapter from R2.  If the PC goes into sleep mode, then connectivity does not come back when it restarts.  To get it running, I go through the following hoops to get it back up:

  • run GNS3 as admin
  • delete the ethernet interface between R2 and the WLAN cloud
  • remove the loopback interface from the cloud
  • Disable and enable the MS Loopback adapter in Windows
  • add the loopback interface to the cloud
  • add the ethernet interface between R2 and the WLAN cloud