Right, certificate-based VPNs (which are typically Intranet VPNs) will die after about 24 hours if the CRL cannot be retrieved. VPN tunnels using a pre-shared key for authentication will not be affected.
Another consequence of SIC being broken is that the logs being generated by the firewall cannot be sent to the SMS, so they will be written to the firewall's local hard drive. If this goes on for long enough it could potentially run the firewall out of disk space which will cause some rather nasty problems.
--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.
Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com