Roy_Long
Contributor

Struggling to get Checkpoint Support on this item - CloudGuard Management node recovery.


I need some support on restoring a management node on AWS (EC2) which seems to have revoked a certificate and is blocking SmartConsole access. It also seems to be non-responsive from the active firewall cluster (two nodes) - both ec2 and pem key are refused by the management node.

Can I get all of the active rules and configurations from the active firewall nodes? In a format which will allow me to rebuild a cluster and add all of the rules? Even if copying them manually?

Any other suggestions for recovery without bringing down the production firewall cluster which seems to be functional still?

Help 😕

Roy Long


Accepted Solutions
Roy_Long
Contributor

Thanks for your response, I have resolved the issue without any checkpoint assistance 🙂

Shut down the management node, detached the volume, and re-attached to another EC2 instance, fixed the issue there, reconnected to the original management node, deleted the excess/failed SICs and created a new SIC.

Many thanks.
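
The volume move described in the accepted solution, sketched with the AWS CLI as an added example (not from the original post and not Check Point's own procedure). The instance and volume IDs, the `/dev/sdf` device name and the function names are assumptions; the repair on the rescue host and the SIC reset are not covered.

```shell
#!/bin/sh
# Added example: lend a stopped instance's root EBS volume to a rescue instance, then return it.
# DRY_RUN=1 (the default) only prints the AWS CLI commands; DRY_RUN=0 executes them.
DRY_RUN="${DRY_RUN:-1}"

run() {  # print the command in dry-run mode, execute it otherwise
  if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# move_volume VOLUME_ID TARGET_INSTANCE_ID DEVICE: detach, wait, attach, wait.
move_volume() {
  mv_vol="$1"; mv_target="$2"; mv_dev="$3"
  case "$mv_vol" in vol-*) ;; *) echo "bad volume id: $mv_vol" >&2; return 2 ;; esac
  case "$mv_target" in i-*) ;; *) echo "bad instance id: $mv_target" >&2; return 2 ;; esac
  run aws ec2 detach-volume --volume-id "$mv_vol" &&
  run aws ec2 wait volume-available --volume-ids "$mv_vol" &&
  run aws ec2 attach-volume --volume-id "$mv_vol" --instance-id "$mv_target" --device "$mv_dev" &&
  run aws ec2 wait volume-in-use --volume-ids "$mv_vol"
}

# to_rescue MGMT_INSTANCE RESCUE_INSTANCE VOLUME_ID
# Stop the broken node, snapshot its disk so the repair can be rolled back,
# then attach the disk to the rescue instance as a secondary device.
to_rescue() {
  tr_mgmt="$1"; tr_rescue="$2"; tr_vol="$3"
  run aws ec2 stop-instances --instance-ids "$tr_mgmt" &&
  run aws ec2 wait instance-stopped --instance-ids "$tr_mgmt" &&
  run aws ec2 create-snapshot --volume-id "$tr_vol" --description "pre-repair copy of $tr_mgmt" &&
  move_volume "$tr_vol" "$tr_rescue" /dev/sdf
}

# to_origin MGMT_INSTANCE VOLUME_ID ROOT_DEVICE
# After the repair (volume unmounted on the rescue host), return the disk under
# the original root device name and boot the management node again.
to_origin() {
  to_mgmt="$1"; to_vol="$2"; to_rootdev="$3"
  move_volume "$to_vol" "$to_mgmt" "$to_rootdev" &&
  run aws ec2 start-instances --instance-ids "$to_mgmt"
}
```

The rescue instance has to be in the same Availability Zone as the volume, and the root device name should be read from the management instance (`RootDeviceName` in `aws ec2 describe-instances`) before the volume is detached.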


6 Replies
the_rock
Champion

Would you mind listing all the steps that were tried so far?

Roy_Long
Contributor

I will comment and summarise when I get some time - right in the middle of it at the moment.

G_W_Albrecht
Legend

You can only open a TAC case and let CP have a look - sometimes such a thing may even be possible. But: no backup no pity 😉

CCSE CCTE SMB Specialist
Roy_Long
Contributor

Thanks for the response. We have backups but CP is not helping and passed us to AWS to resolve ...

PhoneBoy
Admin

What precise backups were taken from the management?
If you have an appropriate backup (a migrate_server export), you can rebuild the management with rules intact and push policy.

If you don’t have an appropriate backup, getting the data from the active gateway requires Professional Services assistance as there’s no easy way to recover it.
