- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: Struggling to get Checkpoint Support on this i...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Struggling to get Checkpoint Support on this item - CloudGuard Management node recovery.
I need some support on restoring a management node on AWS (EC2) which seems to have revoked a certificate and blocking Smartconsole access. Also seems to be non-responsive from the active firewall cluster (two nodes) - both ec2 and pem key is refused by the management node.
Can I get all of the active rules and configurations from the active firewall nodes? In a format which will allow me to rebuild a cluster and add all of the rules? even if copying them manually?
Any other suggestions for recovery without bringing down the production firewall cluster which seems to be functional still?
Help 😕
Roy Long
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your response, I have resolved the issue without any checkpoint assistance 🙂
Shutdown the management node, detached the volume, and re-attached to another ec2 instance, fixed the issue there, reconnected to the original management node, deleted the excess/failed SICs and created a new SIC.
Many thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Would you mind list all the steps that were tried so far?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I will comment and summarise when I get some time - right in the middle of it at the moment.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can only open a TAC case and let CP have a look - sometimes such a thing maybe even possible. But: no backup no pity 😉
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the response. We have backups but CP not helping and passed us to AWS to resolve ...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What precise backups were taken from the management?
If you have an appropriate backup (a migrate_server export), you can rebuild the management with rules intact and push policy.
If you don’t have an appropriate backup, getting the data from the active gateway requires Professional Services assistance as there’s no easy way to recover it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your response, I have resolved the issue without any checkpoint assistance 🙂
Shutdown the management node, detached the volume, and re-attached to another ec2 instance, fixed the issue there, reconnected to the original management node, deleted the excess/failed SICs and created a new SIC.
Many thanks.