- Products
- Learn
- Local User Groups
- Partners
- More
AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
Good, Better, Best:
Prioritizing Defenses Against Credential Abuse
Ink Dragon: A Major Nation-State Campaign
Watch HereCheckMates Go:
CheckMates Fest
what is the correct way of deleting and decommissioning a VSX gateway, when we deleted the VSX from Smartconsole, when you try to add the VLAN again to another VSX it says it is already allocated and does not let you. rebooting the gateway fixes the issue, is there a step I am missing when decommissioning/deleting the VSX that it is not cleaning it up properly?
thanks
1. Perform backup/snapshot of management where VSX is managed from (in case you need to revert decommissioned VSX).
1a (optional). Save all configs from all VSs for further processing (like audit).
2. Delete all VSs from SmartConsole
3. Delete VSW (Virtual Switch) and/or VSR (Virtual Router) from SmartConsole
4. Delete complete VSX gateway/cluster (VS0) from SmartConsole
5. Grace period of 1 month in case something was not planned to be deleted
6. Perform factory default reset over CLI on VSX gateway/cluster
7. perform cleanup of all rules, objects, domains, rulebases where VSX related things were used
Im no VSX expert by any means, but I recall from while back, one way to do this was via vsx provision tool or reset_gw locally. Ultimately, I would make sure to remove any reference from Guidbedit as well.
Deleting a VSX Gateway
When you delete a VSX Gateway object, the operation automatically deletes all Virtual
Systems and other Virtual Devices associated with that VSX Gateway from the management
database.
To delete a VSX Gateway:
1. From the Gateways & Servers view or Object Explorer tree, right-click the VSX Gateway
object on the Object Tree and select Delete.
2. In the window that opens, click Yes.
Backing up and Restoring VSX Gateway
In the event of a catastrophic VSX Gateway failure, you can restore the VSX Gateway
configuration and its Virtual Device configuration.
Follow the instructions in the sk100395: How to backup and restore VSX Gateway.
https://support.checkpoint.com/results/sk/sk100395
Good points @WiliRGasparetto
Afterwards, let me know if it was helpful. If you need any more help, just tell me.
1. Perform backup/snapshot of management where VSX is managed from (in case you need to revert decommissioned VSX).
1a (optional). Save all configs from all VSs for further processing (like audit).
2. Delete all VSs from SmartConsole
3. Delete VSW (Virtual Switch) and/or VSR (Virtual Router) from SmartConsole
4. Delete complete VSX gateway/cluster (VS0) from SmartConsole
5. Grace period of 1 month in case something was not planned to be deleted
6. Perform factory default reset over CLI on VSX gateway/cluster
7. perform cleanup of all rules, objects, domains, rulebases where VSX related things were used
it is one VSX that we need to clean up not all VS's associated to that cluster, anything needs to be done from CLI so that the VLANs dont give the error of being allocated still? do we need to install database form smartconsole?
I would do that, for sure. It would just refresh mgmt database, so would not break anything. Still, as I mentioned in my previous post, worth verifying guidbedit as well.
If one particular virtual system (VS) is needed to be removed from existing VSX gateway/cluster, there is just a good idea to save all configuration from CLI (set virtual-system XY, save configuration filename.txt). Deletion just one of many VSs must be done only over SmartConsole (right click -> Delete).
Makes sense. @knassif , I strongly suggest do backup and/or snapshot as well before doing any of this.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 63 | |
| 19 | |
| 13 | |
| 12 | |
| 12 | |
| 9 | |
| 8 | |
| 7 | |
| 7 | |
| 7 |
Tue 28 Apr 2026 @ 06:00 PM (IDT)
Under the Hood: Securing your GenAI-enabled Web Applications with Check Point WAFTue 28 Apr 2026 @ 06:00 PM (IDT)
Under the Hood: Securing your GenAI-enabled Web Applications with Check Point WAFTue 12 May 2026 @ 10:00 AM (CEST)
The Cloud Architects Series: Check Point Cloud Firewall delivered as a serviceThu 30 Apr 2026 @ 03:00 PM (PDT)
Hillsboro, OR: Securing The AI Transformation and Exposure ManagementAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY