renewal ipsec vpn cert

pnobels — Tue, 08 Aug 2023 07:28:26 GMT

Hi,

running R81.10 take 66.

I've got an ipsec cert renewal for our main vpn gateway upcoming. The cert is requested from the Checkpoint internal ca (so it's the selfsigned defaultcert).

I believe i can just renew the certificate and perform a policy push on the main vpn gateway?

And a policy push is NOT needed on all the remote gateways since they will renegotiate the ipsec connection automatically?

Best to perform this after hours as the tunnels will shortly go down/up due to ike phase 1 en 2 renegotiation?

Thx!

__PRESENT

Re: renewal ipsec vpn cert

G_W_Albrecht — Tue, 08 Aug 2023 07:38:12 GMT

I wpuld suggest to install recommended JT 109 ! VPN / ICA cert renewal should be done automatically then: https://community.checkpoint.com/t5/Security-Gateways/IKE-certificate-auto-renewal-failure/m-p/63183#M12291

topic Re: renewal ipsec vpn cert in Firewall and Security Management

renewal ipsec vpn cert

Re: renewal ipsec vpn cert