Support Center > Search Results > SecureKnowledge Details
The CPInfo utility
Solution

Table of Contents:

  • Introduction
  • Usage Instructions
  • CLI Syntax
  • Data Collected
  • System Requirements
  • First Time Installation Instructions
  • Manual update of cpinfo in SmartConsole
  • Troubleshooting
  • Known Limitations
  • Revision History

 

Click Here to Show the Entire Article

 

Introduction

CPInfo is an auto-updatable utility that collects diagnostics data on a customer's machine at the time of execution and uploads it to Check Point servers (it replaces the standalone cp_uploader utility for uploading files to Check Point servers).

The CPInfo output file allows analyzing customer setups from a remote location. Check Point support engineers can open the CPInfo file in a demo mode, while viewing actual customer Security Policies and Objects. This allows the in-depth analysis of customer's configuration and environment settings.

When contacting Check Point Support, collect the CPInfo files from the Security Management server and Security Gateways involved in your case.

Check Point also offers the Check Point Uploader, a GUI-based utility to upload files that were requested by Check Point Support to Check Point User Center. This utility relies on the CPInfo utility and is automatically installed by it on Windows OS. For more information regarding the Check Point Uploader please refer to sk108152.

Main benefits of using the CPInfo utility over SFTP:

  • Authentication is using the Check Point User Center credentials
  • Files are encrypted before being uploaded to Check Point
  • Files are verified for MD5 and size
  • Notification system for upload process
  • Hold/resume features
  • Built on top of HTTPS and SFTP protocols

     

Usage Instructions

CPInfo can be run directly on the command line (in all versions), or can be called from SmartUpdate (versions R75.47 and above).

CLI SmartUpdate
  • On Gaia OS: run cpinfo [flags] in Clish or in Expert mode
  • On SecurePlatform OS: run cpinfo [flags] in Expert mode
  • On Linux OS: run cpinfo [flags] on CLI
  • On IPSO OS: run cpinfo [flags] on CLI
  • On Windows OS: run cpinfo [flags] in Windows Command Prompt
  • On all versions, run cpinfo -h to see additional help
  1. Connect with SmartUpdate GUI to Security Management Server / Domain Management Server.
  2. Go to Package Management tab
  3. Right-click on the Security Gateway / Management Server object, from which you want to collect the CPInfo.
  4. Select "Upload diagnostics (CPInfo) to Check Point...".
  5. Enter your User Center credentials, SR number, and click OK.


Generating CPInfo on Multi-Domain Management Server / Provider-1 

  1. Log into Multi-Domain Management Server (MDS) as "superuser".
  2. Enter Expert mode
  3. Go to the MDS environment by running: [Expert@HostName]# mdsenv
  4. Verify the correct environment by running: [Expert@HostName]# echo $FWDIR
    For example, the response will be: /opt/CPmds-RXX/
  5. Run CPInfo

To collect CPInfo from the context of CMA/Domain that manages the Security Gateway:
  1. Log into Multi-Domain Management Server (MDS) as "superuser".
  2. Enter Expert mode
  3. Go to the MDS environment by running: [Expert@HostName]# mdsenv
  4. Verify the correct environment by running: [Expert@HostName]# echo $FWDIR
    For example, the response will be: /opt/CPmds-RXX/
  5. Run CPInfo:
    [Expert@HostName]# cpinfo -c CMA_Name1 CMA_Name2

    In the above example, CPInfo will generate 3 files:

    HostName_DateTime.info - contains execution summary
    HostName_DateTime_CMA_Name1.info - CPInfo collected from CMA_Name1
    HostName_DateTime_CMA_Name2.info - CPInfo collected from CMA_Name2 


CLI Syntax

Important Notes:

  • Starting on 02 Oct 2016, the CPInfo package was replaced (starting in build 914000164):

    • Added support for SHA-256 based certificates (refer to sk103839).
    • Integrated functionality of the standalone cp_uploader utility (sk84000).
      Due to this integration, the syntax was slightly updated, and the standalone cp_uploader utility was deprecated.
  • The new CPInfo utility can be used to upload files to Check Point cloud even on machines without any installed Check Point software.

Syntax:

On Gaia / SecurePlatform / IPSO / Linux OS On Windows OS
# cpinfo [-h] | [-v] | [-l] [-k] [-i] [-a | -d] [-D] [-x]
[-y all | <product>]
[-z] [-o <filename>]
[-n] [-f <FILE1> <FILE2> ... ] [-w <filename>] 
[-s <SR_Number>]
[-u <username>] | [-K <CK_Number>]
[-c <DOMAIN1> <DOMAIN2> ... ]
[-e <e-mail>]
[-T <timeout>]
[-R <e-mail>]
C:\> cpinfo [-h] | [-v] | [-l] [-k] [-i] [-a | -d] [-D] [-g] [-F | -r ] [-t]
[-y all | <product>]
[-z] [-o <filename>]
[-n] [-f <FILE1> <FILE2> ... ] [-w <filename>]
[-s <SR_Number>]
[-u <username>] | [-K <CK_Number>]
[-e <e-mail>]
[-R <e-mail>]
[-b | -j <conf_file>]

Show / Hide the explanation about the flags

Argument Description Important Notes
none Collect the CPInfo output file
  • The output file will be created in the current working directory
    under the name HostName_DD_MM_YYYY_HH_mm.info
-h Display built-in help and exit  
-v Show CPInfo version and exit  
-y all | <product> Show installed hotfixes
(either all, or for specific product)
-l Include export of $FWDIR/log/fw.log
records in the CPInfo file
  • This will cause additional CPU load and memory consumption
-k Include contents of FireWall and SecureXL
kernel tables in the CPInfo file
(outputs of fw tab -t <table>, fwaccel conns)
  • This will cause additional CPU load and memory consumption
-c <Domain_Name> Generate CPInfo file for the
specified Domain Management Server
  • Applies only to Multi-Domain Management Server
  • Allows to collect CPInfo (and MDS export on R80 or above)
    per certain Domain without having to switch to its context
-o <filename> Write the collected information
into the specified output file
  • Creates output file named <filename>.info,
    unless this file extension was already specified
  • If "-o" is not specified, then file named
    <HostName_DD_MM_YYYY_HH_mm.info>
    is created in the current working directory
    (example for file created on machine "R77.30-GW",
    on 05 Oct 2016, at 15h 04m -
    R77.30-GW_5_10_2016_15_04.info)
  • Can be used in combination with "-z"
  • Can be used in combination with "-i"
  • Can NOT be used in combination with "-n"
-z Compress the CPInfo output file
  • Used in combination with "-o"
  • If the "Allow Upload" consent flag is enabled (sk111080),
    then the file is compressed by default (even without "-z")
-i Non-interactive mode
  • CPInfo does not ask for the "SR Number"
  • Can be used in shell scripts for automation
  • Should be used in combination with "-n" or "-R"
  • Can NOT be used in combination with "-a"
-a Force the update check of CPInfo utility
(by default, it is checked once a week)
  • Can NOT be used in combination with "-d"
  • Can NOT be used in combination with "-i"
-d Do not check for updates of CPInfo utility
  • Can NOT be used in combination with "-a"
-D Do not upload files to Check Point
  • Can NOT be used in combination with "-f" or "-w" or "-e"
-n Do not collect and create CPInfo file
  • Should be used in combination with "-f" or "-w"
  • Can NOT be used in combination with "-o"
-f <file> Upload additional files to Check Point cloud
  • Should be used in combination with "-n" and "-i"
  • Either specify a single file: file
    Or specify multiple files: file1 file2 file3 ...
    (multiple files must be separated by spaces)
  • Also refer to "-w"
  • If the file to be uploaded is not compressed,
    then CPInfo utility will first compress it, and then upload it
-w <filename> Specifies a file that contains a list of files
to be uploaded to Check Point cloud
  • Used instead of "-f"
  • Lines in this file must be separated by the "\n" character
    (press Enter after each line)
-s <SR_Number> Specify the number of Service Request
opened with Check Point Support
  • For example, -s 28-123456789
-u <username> Connect to Check Point User Center
with specified username
  • <username> is your e-mail used for User Center login
  • User will be asked to enter a password
  • If "-u" is not used, then CK of this machine is used for authentication
  • Also refer to "-K <CK_Number>"
-K <CK_Number> Connect to Check Point User Center
with specified CK Number
  • Used instead of "-u"
  • Run the "cplic print" command
    and take only the hex digits after the "CK-"
  • Exists since Build 914000164
-e <e-mail> Specify the e-mails of people that
should be notified about upload status
  • Either specify a single e-mail:
    user@exampledomain.com
  • Or specify multiple e-mails:
    "user1@exampledomain.com;user2@exampledomain.com;..."
    • must be enclosed in double-quotes
    • must be separated by semi-colons
-T <timeout> Specify the timeout (in seconds) for the
commands executed by the CPInfo utility
  • Applies only to Gaia / SecurePlatform / IPSO / Linux OS
  • Default timeout is 5 minutes (600 seconds)
  • Value "0" means no timeout
  • This does not apply to collection of the CPInfo output file itself
-R <e-mail> R80 upgrade simulation service mode
  • Applies only to Security Management / Multi-Domain Management Server
  • Collects relevant information for simulating an upgrade to R80
  • Can only be used in combination with "-i"
  • Requires e-mails to notify about upload status
    • Either specify a single e-mail:
      user@exampledomain.com
    • Or specify multiple e-mails:
      "user1@exampledomain.com;user2@exampledomain.com;..."
      • must be enclosed in double-quotes
      • must be separated by semi-colons
This allow users of versions R75.40-R77.30 to check if their system
can be easily upgraded to R80. Besides the regular data collection,
CPInfo utility will export the relevant files (using a custom version
of export tools) and will upload the output to a destination folder
on Check Point FTP server. Both files will have a unique name consistent
of a 10-digit number to match the CPInfo and the export files together,
a counter (102 or 202) to state how many files were uploaded,
the name of the machine and the time stamp. Once the files are uploaded,
they will be handled by R80 upgrade simulation service team.
For additional information, refer to sk110267.
-x Do not export the management database
  • Applies only to versions R80 or above
  • On Security Management Server - will not collect migrate export
  • On Multi-Domain Management Server - will not collect MDS export
-j <conf_file> Create a CPInfo configuration file <conf_file>
  • Applies only to Windows OS
  • Requires installed Check Point Software on this machine
  • Can NOT be used in combination with "-n"
  • Must wait for the CPInfo output file to be collected:
    CPInfo output file is collected, and name of each
    collected section / command / file is saved in this
    configuration file (which can be edited, so that
    irrelevant data is not collected)
-b CPInfo will perform according to the
configuration file that was created with "-j"
(you can delete irrelevant lines from that file)
  • Applies only to Windows OS
  • Requires installed Check Point Software on this machine
-g Do not resolve network addresses
  • Applies only to Windows OS
  • Requires installed Check Point Software on this machine
-F
-r
Include the Windows Registry in the CPInfo file
  • Applies only to Windows OS
  • "-F" exists since Build 914000164
  • "-r" exists in Build 914000158 and lower
-t Output consists of tables only
  • Applies only to Windows OS
  • Applies only to machine with installed SecureRemote client

Examples:

Show / Hide the examples

Note: Refer to explanations in the "Allowing upload of data to Check Point / download of data from Check Point" section.

# What to do How to do it
1
  • Generate the CPInfo file
  • Create the file in the current working directory
  • Use the default name
  • Do not compress the output file
The final file will be
HostName_DD_MM_YYYY_HH_mm.info
# cpinfo
2
  • Generate the CPInfo file
  • Create the file in the current working directory
  • Use the default name
  • Compress the output file
The final file will be
HostName_DD_MM_YYYY_HH_mm.info.gz
# cpinfo -z
3
  • Generate the CPInfo file
  • Create the file in the directory /var/tmp/
  • Use the file name myfile with default extension .info
  • Compress the output file
The final file will be /var/tmp/myfile.info.gz
# cpinfo -z -o /var/tmp/myfile
4
  • Generate the CPInfo file
  • Create the file in the directory /var/tmp/
  • Use the file name myfile with default extension .info
  • Include export of $FWDIR/log/fw.log records
  • Include contents of FireWall and SecureXL tables
  • Compress the output file
The final file will be /var/tmp/myfile.info.gz
# cpinfo -l -k -z -o /var/tmp/myfile
5
  • Generate the CPInfo file
  • Create the file in the directory /var/tmp/
  • Use the file name myfile.cpinfo
  • Compress the output file
  • Upload the output file to Check Point:
    • log in with user@exampledomain.com
    • upload to Service Request 28-123456789
The final file will be /var/tmp/myfile.cpinfo.gz
# cpinfo -z -o /var/tmp/myfile.cpinfo -u user@exampledomain.com -s 28-123456789
6
  • Generate the CPInfo file
  • Create the file in the directory /var/tmp/
  • Use the file name myfile.cpinfo
  • Compress the output file
  • Upload the output file to Check Point:
    • log in with CK-123456789000
    • upload to Service Request 28-123456789
The final file will be /var/tmp/myfile.cpinfo.gz
# cpinfo -z -o /var/tmp/myfile.cpinfo -K 123456789000 -s 28-123456789
7
  • Generate the CPInfo file
  • Create the file in the directory /var/tmp/
  • Use the file name myfile.cpinfo
  • Compress the output file
  • Upload the output file to Check Point:
    • log in with user@exampledomain.com
    • upload to Service Request 28-123456789
  • Notify people about upload status
The final file will be /var/tmp/myfile.cpinfo.gz
# cpinfo -z -o /var/tmp/myfile.cpinfo -u user@exampledomain.com -s 28-123456789 -e "user1@exampledomain.com;user2@exampledomain.com"
8
  • Generate the CPInfo file
  • Create the file in the directory /var/tmp/
  • Use the file name myfile.cpinfo
  • Compress the output file
  • Do not prompt for an SR Number
# cpinfo -i -z -o /var/tmp/myfile.cpinfo
9
  • Do not generate the CPInfo file
  • Upload the file /var/log/myfile.txt
    • log in with user@exampledomain.com
    • upload to Service Request 28-123456789
  • Notify people about upload status
# cpinfo -n -i -f /var/log/myfile.txt -u user@exampledomain.com -s 28-123456789 -e "user1@exampledomain.com;user2@exampledomain.com"
10
  • Do not generate the CPInfo file
  • Upload all files listed in the /var/log/upload_these_files.txt
    • log in with user@exampledomain.com
    • upload to Service Request 28-123456789
  • Notify people about upload status
# cpinfo -n -i -w /var/log/upload_these_files.txt -u user@exampledomain.com -s 28-123456789 -e "user1@exampledomain.com;user2@exampledomain.com"
11
  • Create a CPInfo configuration file
Note: Must wait for the CPInfo output file to be collected
# cpinfo -n -i -F -j C:\CPinfo_config.txt

 

Data Collected

CPInfo collects the entire Security Gateway installation directory, including $FWDIR/log/* and other log files. Some of the other viewable information includes:

  • System message logs
  • Module version information
  • Installed hotfixes information
  • OS and network statistics
  • Interfaces and devices information
  • Various FW1 tables
  • Configuration and database files
  • Core dump files

 

System Requirements

Supported Operating Systems
  • Gaia
  • SecurePlatform
  • Linux
  • IPSO 6.x
  • Windows (Must have Microsoft Visual C++ 2012
    Redistributable (x86)
    installed - refer to sk108846)
For Solaris and IPSO 3.x/4.x, refer to sk30567.
Supported versions All
DNS DNS server must be configured on the machine, on which you run CPInfo
Uploading CPInfo files to Check Point To upload CPInfo files to Check Point, the following ports should be open:
  • For Authentication (HTTPS - port 443):
    • services.checkpoint.com
  • File uploading (HTTPS - port 443, or SFTP - port 22):
    • ftp-proxy.checkpoint.com
    • mercury.ts.checkpoint.com
    • fairfax.ott.checkpoint.com

 

  • Connecting through a Proxy

    This section is relevant for machines that access the Internet through an HTTP proxy server while Check Point Security Gateway / Security Management on that machine is not configured with such proxy (as described in Administration Guide).

    CPInfo utility updates itself and uploads files over HTTPS protocol.

    CPInfo utility will read the proxy configuration that was configured on the Security Gateway (either in SmartDashboard, or on CLI).

    The proxy can be configured either in SmartDashboard, or on the Security Gateway machine.

    Show / Hide proxy configuration instructions for all platforms
    1. In the SmartDashboard:

      1. Open the Security Gateway object

      2. Go to Network Services pane

      3. In the Proxy section, configure the relevant proxy settings, and click on OK

        Example:
      4. Install policy

    2. On the Security Gateway machine:

      • On Gaia OS - in Clish:

        1. Configure the proxy:
          HostName:0> set proxy ipv4-address http://PROXY_HOST port PROXY_PORT

        2. Save the configuration:
          HostName:0> save config
      • On Gaia / SecurePlatform / IPSO OS - in Expert mode:

        1. In the $CPDIR/tmp/.CPprofile.sh script

          Add this line:
          http_proxy=http://USERNAME:PASSWORD@PROXY_HOST:PROXY_PORT ; export http_proxy

          (where "username" and "password" are the proxy credentials - only if needed)

          Under this line:
          INFODIR=/opt/CPinfo-10 ; export INFODIR
        2. Restart all Check Point services:
          [Expert@HostName]# cpstop ; cpstart

      • On Windows OS:

        1. Start - Run... - "%WINDIR%\system32\rundll32.exe" sysdm.cpl,EditEnvironmentVariables - OK

        2. Under 'System Variables' - click on 'New...'

          • name: http_proxy
          • value: http://USERNAME:PASSWORD@PROXY_HOST:PROXY_PORT
          • and click 'OK'
          (where "username" and "password" are the proxy credentials - only if needed)
        3. Click on 'OK'.

        4. Reboot the machine.



 

First Time Installation Instructions

Note: On versions R75.46 and lower, downloading and updating the CPInfo should be done once. After the tool was updated, it will be able to perform self-update.

  • For Gaia (using CPUSE)

    Show / Hide the installation instructions for Gaia

    For detailed installation instructions, refer to sk92449: CPUSE - Gaia Software Updates (including Gaia Software Updates Agent) - section "(4) How to work with CPUSE".

    • Online installation in Gaia Portal:

      1. Connect to the Gaia Portal on your Check Point machine.
      2. Navigate to Upgrades (CPUSE) section (in Gaia OS R77.20 and above) / to Software Updates section (in Gaia OS R77.10 and lower) - click on Status and Actions.
      3. Click on the filter button near the help icon and select All.
      4. Select the CPInfo package "Check Point CPinfo build <Number> for <Version>" - click on More button on the toolbar - click on Verifier (or right-click on the package and click on Verifier).
      5. Select the CPInfo package - click on Install Update button on the toolbar.
      6. Reboot is not required.
      7. Check the build number of CPInfo utility:
        Connect to the command line and run:
        [Expert@HostName:0]# cpinfo -v
        The output should be:
        This is Check Point CPinfo Build 914000xxx for GAIA
    • Online installation in Gaia Clish:

      1. Connect to command line on Gaia OS.
      2. Log in to Clish.
      3. Acquire the lock over Gaia configuration database:
        HostName:0> lock database override
      4. Check the available packages:
        Note: Refer to the top section "Hotfixes" - refer to "Check Point CPinfo build <Number> for <Version>"
        HostName:0> show installer packages available-for-download
      5. Verify that this package can be installed without conflicts:
        HostName:0> installer verify <Package_Number>
      6. Download the hotfix package from the Check Point Cloud:
        HostName:0> installer download <Package_Number>
      7. Show the downloaded packages:
        HostName:0> show installer packages downloaded
      8. Install the downloaded package:
        HostName:0> installer install <Package_Number>
        Note: The progress (in per cent) will be displayed in Clish.
      9. Reboot is not required.
      10. Check the build number of CPInfo utility:
        Connect to the command line and run:
        HostName:0> cpinfo -v
        The output should be:
        This is Check Point CPinfo Build 914000xxx for GAIA

    Notes:

    • The CPInfo utility will be installed into /opt/CPinfo-10/ directory
    • The installation log file is /opt/CPInstLog/install_status.log
      (in addition, refer to /opt/CPInstLog/install_cpinfo_10.elg)
    • The CPInfo installation directory will automatically be added to the $PATH environment variable


  • For Gaia (using Legacy CLI) / SecurePlatform / Linux

    Download the latest CPInfo utility from the table below:

    Platform Product Version Download CPInfo
    CPInfo for Gaia / SecurePlatform / Linux OS Pre-R80
    CPInfo for Gaia / SecurePlatform / Linux OS R80

    Note: If the download of CPInfo utility is impossible, either install it from the /sysimg/CPwrapper/linux/CPinfo/CPinfo-10-00.i386.rpm, or extract the /linux/CPinfo/CPinfo-10-00.i386.rpm package from the CD.

    • Show / Hide the installation instructions for Gaia / SecurePlatform / Linux with Check Point software

      Run the following commands from the directory where you put the downloaded file:

      1. Place the file in a temp directory on the target system.

      2. Go into that directory.

      3. Unpack the CPInfo package:
        [Expert@HostName]# tar -xvzf cpinfo_<package_name>.tgz

      4. Install the CPInfo utility:
        [Expert@HostName]# rpm -Uvh --force CPinfo-10-00.i386.rpm

        Notes:

        • The CPInfo utility will be installed into /opt/CPinfo-10/ directory
        • The installation log file is /opt/CPInstLog/install_status.log
          (in addition, refer to /opt/CPInstLog/install_cpinfo_10.elg)
        • The CPInfo installation directory will automatically be added to the $PATH environment variable
      5. Log out from all shells on the target system.

      6. Log in to the shell before.

      7. Verify that the CPInfo utility was installed:
        [Expert@HostName]# rpm -qa | grep CPinfo

        Note: If the CPinfo-10-00 package does not appear in the output, try to rebuild the RPM database:
        [Expert@HostName]# rpm -v --rebuilddb
      8. Check the build number of CPInfo utility:

        • Either run:

          [Expert@HostName]# cpinfo

          The output should be:

          This is Check Point CPinfo Build 914000xxx for GAIA

          Verifying CK...

        • Or run:

          [Expert@HostName]# cpinfo -v

          The output should be:

          This is Check Point CPinfo Build 914000xxx for GAIA


    • Show / Hide the installation instructions for Linux without Check Point software

      Run the following commands from the directory where you put the downloaded file:

      1. Place the file in a temp directory on the target system.

      2. Go into that directory.

      3. Unpack the CPInfo package:
        # tar -xvzf cpinfo_<package_name>.tgz

      4. Install the CPInfo utility:
        # sudo rpm -ivh --nodeps --noscripts --force CPinfo-10-00.i386.rpm

        Notes:

        • The CPInfo utility will be installed into /opt/CPinfo-10/ directory
        • The installation log file is /opt/CPInstLog/install_status.log
          (in addition, refer to /opt/CPInstLog/install_cpinfo_10.elg)
        • The CPInfo installation directory is not automatically added to the $PATH environment variable (will be resolved in future builds)
      5. Verify that the CPInfo utility was installed:
        # rpm -qa | grep CPinfo

        Note: If the CPinfo-10-00 package does not appear in the output, try to rebuild the RPM database:
        # rpm -v --rebuilddb
      6. Check the build number of CPinfo utility:

        • Either run:

          # /opt/CPinfo-10/bin/cpinfo

          The output should be:

          This is Check Point CPinfo Build 914000xxx for GAIA

          Verifying CK...

        • Or run:

          # /opt/CPinfo-10/bin/cpinfo -v

          The output should be:

          This is Check Point CPinfo Build 914000xxx for GAIA


  • For IPSO

    Download the latest CPInfo utility for IPSO from the table below:

    Platform Product Version Download CPInfo
    CPInfo for IPSO OS Pre-R80

    • Show / Hide the installation instructions for IPSO
      • Installation in Voyager:

        1. Log into "Voyager".
        2. Copy the CPInfo package to the machine:
          1. Download the CPInfo package (the TGZ file) to your local computer.
          2. Select 'Configuration' > 'System Configuration' > 'Packages' > 'Install Package'.
          3. In the 'Install Package from Remote' section, choose 'Upload'.
          4. Click 'Choose file' and select the package from the local file system.
          5. Click 'Apply' at the bottom of the page and wait until upload process finishes (it can take a few minutes).
        3. Select the CPInfo version you wish to install and click 'Apply'.
        4. Click on the "Click here to install/upgrade /opt/packages<package_name>.tgz" link.
        5. In the 'Package Installation and Upgrade' window, select the 'Install' checkbox and click 'Apply'.
        6. In the 'Manage Packages' window, verify that CPInfo is enabled.
      • Installation in Clish:

        1. Transfer the cpinfo_<cpinfo_build>.tgz file to the IPSO machine home directory.
        2. Place a copy of cpinfo_<cpinfo_build>.tgz file under /opt/packages/.
        3. Run the following commands:
          cd /opt/packages
          clish -c "set config-lock on override"
          clish -c "add package media local name cpinfo_<cpinfo_build>.tgz"
        4. Logout for the changes to take effect.
        5. Check the build number of CPInfo utility:
          • Either run:
            # cpinfo
            The output should be
            This is Check Point CPinfo Build 914000xxx for IPSO
            Verifying CK...
          • Or run:
            # cpinfo -v
            The output should be:
            This is Check Point CPinfo Build 914000xxx for IPSO

      Notes:

      • The CPInfo utility will be installed into /opt/CPinfo-10/ directory
      • The installation log file is /opt/CPInstLog/install_status.log
        (in addition, refer to /opt/CPInstLog/install_cpinfo_10.elg)
      • The CPInfo installation directory will automatically be added to the $PATH environment variable


    • Show / Hide the uninstall instructions for IPSO

      1. Run the following commands in Clish:
        clish -c "set package name /opt/CPinfo-10 off"
        clish -c "delete package name /opt/CPinfo-10"
      2. Logout.


  • For Windows

    Download the latest CPInfo utility for Windows from the table below:

    Platform Product Version Download CPInfo
    CPInfo for Windows OS Pre-R80

    Show / Hide the install instructions for Windows
    1. Download the CPInfo package.

    2. Place the file in a temp directory on the target system.

    3. Unpack the CPInfo package using a program like WinZIP, WinRAR, 7zip, etc.

    4. Go into Package folder.

    5. Right-click the cpinfo_914000xxx_1.exe - select Run as administrator.

    6. Follow the installation instructions in the Installation Shield.

    7. Check the build number of CPInfo utility:

      • Either run:

        C:\> cpinfo

        The output should be:

        This is Check Point CPinfo Build 914000xxx for Windows

        Verifying CK...

      • Or run:

        C:\> cpinfo -v

        The output should be:
        This is Check Point CPinfo Build 914000xxx for Windows

    Notes:

    • The CPInfo utility will be installed into C:\Program Files (x86)\CheckPoint\cpinfo\ folder
    • The installation log file is c:\Program Files (x86)\CheckPoint\CPInstLog\install_status.log
      (in addition, refer to c:\Program Files (x86)\CheckPoint\CPInstLog\install_cpinfo_.elg)
    • The CPInfo installation folder will automatically be added to the %PATH% environment variable

 

Manual update of CPInfo in SmartConsole

SmartConsole uses the CPInfo utility for Check Point upload services. Follow the instructions below to manually update the CPInfo utility in SmartConsole:
  1. Run CPInfo installation on your SmartConsole GUI client machine. If the CPInfo latest build is already installed, you can skip this step

  2. After installation, copy the following files files to the GUI client:

    C:\Program Files (x86)\CheckPoint\cpinfo\bin\cpinfo.exe
    C:\Program Files (x86)\CheckPoint\cpinfo\bin\data\ca_bundle.crt

  3.  Go to the SmartConsole folder C:\Program Files (x86)\CheckPoint\SmartConsole\R77.30\PROGRAM

  4. Backup the following files and replace them with the files you copied to the bin directory:

    C:\Program Files (x86)\CheckPoint\SmartConsole\R77.30\PROGRAM\cpinfo.exe
    C:\Program Files (x86)\CheckPoint\SmartConsole\R77.30\PROGRAM\data\ca-bundle.crt

 

Troubleshooting

For the list of problems and troubleshooting instructions, refer to sk114496 - Troubleshooting the CPInfo utility article.

 

Known Limitations

The following limitations are known with CPInfo utility:

# Symptoms
1 Auto update on Windows OS in Command Prompt will require manual trigger of Install Shield.
2

Files that contain '/' or '\' in their name, which is not according to the OS on which the CPInfo utility is running ('/' on Windows and '\' on all the rest), cannot be uploaded to Check Point.

Example:

  • On Gaia / SecurePlatform / IPSO / Linux OS:

    • Uploading \directory\demofile will be blocked
    • Uploading /directory/demofile will be processed successfully
  • On Windows OS:

    • Uploading C:/demofile.txt will be blocked
    • Uploading C:\demofile.txt will be processed successfully
3 The size of the files to upload is limited to 10 GB. Refer to sk92526 for relevant instructions.


Revision History

Date Description
5 Dec 2016
  • Added the Troubleshooting section
4 Dec 2016
  • Article was redesigned 
  • Added section about generating CPInfo on Multi-Domain Management Server
20 Nov 2016
  • CPInfo package was replaced (build 914000173) with a new ca-bundle.crt
  • Added "Manual update of CPInfo in SmartConsole" section
  • Added -D flag explanation
2 Oct 2016
  • CPInfo package was replaced (starting in build 914000164) 

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment