This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Tieoule
Participant
‎2021-03-18 03:46 AM
Jump to solution

HOW TO RESET FULL ENCRYPTION WITHOUT SMARTENDPOINT ???

Good morning all,
I am facing a real problem with one of our clients. This could end all market contracts around checkpoint solutions. So I know that with the community we can jointly find a solution. 

Indeed, I cannot access the endpoint management server which is installed as an open server at the client.  I have this error that appears when I type the command cpwd_admin list: "cpwd_admin: Failed to submit request to cpWatchdog". I do not have a snapshot or a backup of the server.

How to bypass the full encryption reset without going through the console in this situation?

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin
‎2021-03-18 04:41 AM
In response to Tieoule
Jump to solution

Did you, or did you not manage to extract migration files from the faulty server?

View solution in original post

10 Replies
_Val_
Admin
Admin
‎2021-03-18 04:04 AM
Jump to solution

The only sensible way is to go through support process. If you feel that you are not getting timely assistance, you can escalate.
Also, it is the best practice to run periodical backups of critical infrastructure. 

Since you do not mention exact versions of your MGMT server and clients in use, it is hard to advise. Did you try to get management export from the machine and install a new server, with DM migrated to it?

Also, why do you need to reset encryption at this point?

0 Kudos
Tieoule
Participant
‎2021-03-18 04:30 AM
In response to _Val_
Jump to solution

I fully understand your point.
Indeed, at this stage we need the full encryption reset because there is a user who is blocked. The client works in the banking sector.

Regarding the backup point, initially we were in PoC mode and the server was not suitable for local backup, and backup policies should be defined when we go to production.

The mgmt server version (installed on a VM in a VMware environment) is R80.20 and the endpoints are at version E84.0. and we have installed a new physical server in open server version R80.40, it is to this new server that we want to migrate

Do you have a solution ? Otherwise it's a disaster

0 Kudos
_Val_
Admin
Admin
‎2021-03-18 04:41 AM
In response to Tieoule
Jump to solution

Did you, or did you not manage to extract migration files from the faulty server?

Tieoule
Participant
‎2021-03-18 04:46 AM
In response to _Val_
Jump to solution

This is what we wanted to do. And we discovered this problem. Suddenly we said to ourselves that it was imperative to resolve this problem before trying to migrate.

0 Kudos
_Val_
Admin
Admin
‎2021-03-18 05:00 AM
In response to Tieoule
Jump to solution

Got it.

The best course of action, considering the urgency, to call the support line and ask for urgent assistance, including remote access. Also, it is advisable to update the case with full details, explaining the task in hands and actual nature of your emergency and the situation.

I have also sent you a personal message, just in case. Looking forward to hear your situation is resolved.

0 Kudos
Tieoule
Participant
‎2021-03-18 05:05 AM
In response to _Val_
Jump to solution

Thanks Sir,

I will contact in case of need

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2021-03-18 06:00 AM
Jump to solution

Ok, silly question, but is problem the same if you do cpstop start or reboot? When did this occur? Sorry, Im way more firewall than endpoint guy, just trying my best to help you knowing the urgency of situation.

 

Andy

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
Tieoule
Participant
‎2021-03-18 03:06 PM
In response to the_rock
Jump to solution

We use migrate export and migrate import by using a intermediate server. Because the old one got a lot of problem. This methode solve the problem. I advice every body here who will be face to this kind of problem to contact the support team, because there are many things to do on the system kernel file. Like analyzing registry files.

_Val_
Admin
Admin
‎2021-03-19 12:41 AM
In response to Tieoule
Jump to solution

I am grad the issue is resolved. 

Tieoule
Participant
‎2021-03-19 12:54 AM
In response to _Val_
Jump to solution

Yes, this was partly with the EMEA TAC help.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events