How to copy a file from a Check Point firewall

For troubleshooting you need sometime to transfer files from a Check Point firewal, as example tcpdump files etc.
With the admin user it is not possible to login with sftp, the shell for the user is set to /etc/cli.sh.

For a temporary access to the sftp feature you need to change the shell of the admin or other user which is used for the filetransfer with sftp.

Change the shell of the user

[Expert@fw]# chsh username
Changing shell for username.
New shell [/etc/cli.sh]: /bin/bash
Shell changed.

Then you can do the transfer.

Change it back again if needed

[Expert@fw]# chsh username
Changing shell for username.
New shell [/bin/bash]: /etc/cli.sh
Shell changed.

Network Ports used for communication

Log Files location Check Point

Useful CLI Commands Check Point

Export/Import Policy Package

Useful Smartlog Queries

Useful SNMP OIDs (VSX)

Threat Prevention API

GAIA - Easy execute CLI commands on all gateways simultaneously

Threat Prevention Cyber Attacks Dashboard Template

DOS & DDOS Prevention, Mitigation

Export Syslog Messages

Missing feature - Global search across multiple CMA

Show logging using the web interface

Managing partition sizes via LVM manager on Gaia OS

SmartConsole cli parameters

Jump to Rule Number or UID

SmartConsole: Clear disconnected sessions

Initiating manual cluster failover

How to migrate Custom Queries from one SmartView Tracker to another

Check Point Log Export

After policy install: UDP packet that belongs to an old session drops

How to copy a file from a Check Point firewall

CPView Utility and High Load Traffic

IPS Troubleshooting

Limitation of 251 Inline Layers

Packetpushers with SQLNet

Show interface speed and duplex as a list

VPN Troubleshooting

Threat Extraction Troubleshooting

Check Point Links & Tools

How to copy a file from a Check Point firewall

Change the shell of the user

No Comments