Configure Check Point Security Gateway using User Data

To configure the Check Point Security Gateway using User Data:

  1. Navigate to Aviatrix CoPilot > Security > FireNet Gateways > select the Firewall tab > click + Firewall.

  2. Fill in the required fields.

  3. Enable Bootstrap Configuration.

  4. Select AWS S3 Bucket or User Data.

  5. Fill in the following parameters. You must specify a custom username and password, and generate a hash string for the password.

    Advanced Field Description

    AWS S3 Bucket

    IAM Role

    S3 Bucket

    User Data

    Type or paste your Bootstrap Configuration data.

    Below is a sample Check Point Bootstrap User Data Configuration to configure the firewall "Allow-all" policy.

    #!/bin/bash
    
    clish -c "set user <user> password-hash <100+ character hash string>" -s
    clish -c 'set interface eth1 state on' -s
    clish -c 'set hostname checkpoint' -s
    blink_config -s 'upload_info=false&download_info=false&install_security_gw=true&install_ppak=true&install_security_managment=false&ipstat_v6=off&ftw_sic_key=<password>'
  1. Click Deploy. Wait 15 minutes for the firewall to boot up and initialize.

  2. Log into the HTTPS interface of the public IP with the username and password specified in the Bootstrap Configuration file.