Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Iron

R80.40 SIC on Specific VS

Hello Checkmates

 

After completed the upgrade of a VSX Cluster (through CLI), I've went through the vsx_util upgrade and reconfigure of the various Virtual Systems. I can now from smartconsole see that both the VSX, Gateways and VS are showing as being on R80.40. opened all VS properties and ensured that this was successful,

I successfully pushed the existing policies to the VSX cluster, however, when I tried to push the policies to any VS, the installation fails with an error: "Peer SIC Certificate has been revoked try to reset SIC on the peer and re-establish the trust"

I followed SK34098

and got the following results

ID | Type & Name           | Access Control Policy | Installed at | Threat Prevention Policy | SIC Stat
-----+-------------------------+-----------------------+-----------------+--------------------------+---------
1   |  W VSW                      | <Not Applicable>        |                       | <Not Applicable>              | Trust
2   |  S CPX_NYC_VS1     | <No Policy>                  |                       | <No Policy>                       | Trust
3   |  S CPX_NYC_VS2     | <No Policy>                  |                       | <No Policy>                       | Trust

[Expert@CPX01NYC:0]# vsenv 3
Context is set to Virtual Device CPX_NYC_VS2 (ID 3).
[Expert@CPX01NYC:3]# fw vsx sicreset
Failed to initialize SIC!

[Expert@CPX01NYC:0]# vsenv 2
Context is set to Virtual Device CPX_NYC_VS1 (ID 2).
[Expert@CPX01NYC:2]# fw vsx sicreset
Failed to initialize SIC!

also step from the following link to no avail

https://sc1.checkpoint.com/documents/R76SP.10/CP_R76SP.10_SecuritySystem_AdminGuide/105046.htm

Has anyone come across this, any idea how I can reset the SIC for a specific VS in R80.40?

Thanks

0 Kudos
1 Reply
Highlighted
Admin
Admin

I'd get the TAC involved here
0 Kudos