cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Reset SIC On R80.10 Gateway?

Jump to solution

This may be the dumbest question, but... how do you reset SIC on an R80.10 gateway? I'm not sure what key was used when an appliance was originally configured, so I went to cpconfig in the CLI on the Gateway, but I don't see the option on the menu anymore.

I'm sure I'm missing something really obvious here, but an advice is greatly appreciated!

0 Kudos
1 Solution

Accepted Solutions
Admin
Admin

Re: Reset SIC On R80.10 Gateway?

Jump to solution

It's showing on my gateway...

[Expert@GW:0]# fw ver

This is Check Point's software version R80.10 - Build 423

[Expert@GW:0]# cpconfig

This program will let you re-configure

your Check Point products configuration.

Configuration Options:

----------------------

(1)  Licenses and contracts

(2)  SNMP Extension

(3)  PKCS#11 Token

(4)  Random Pool

(5)  Secure Internal Communication

(6)  Enable cluster membership for this gateway

(7)  Disable Check Point SecureXL

(8)  Automatic start of Check Point Products

(9) Exit

Enter your choice (1-9) :

Only thing I can think of is maybe the gateway is configured as standalone (with firewall and management on same box)?

When I run cpconfig on my management box, the "SIC" option is not shown:

[Expert@mgmt:0]# cpconfig

This program will let you re-configure

your Check Point Security Management Server configuration.

Configuration Options:

----------------------

(1)  Licenses and contracts

(2)  Administrator

(3)  GUI Clients

(4)  SNMP Extension

(5)  Random Pool

(6)  Certificate Authority

(7)  Certificate's Fingerprint

(8)  Automatic start of Check Point Products

(9) Exit

Enter your choice (1-9) :

In which case, your best course of action is reimage the appliance. 

3 Replies
Admin
Admin

Re: Reset SIC On R80.10 Gateway?

Jump to solution

It's showing on my gateway...

[Expert@GW:0]# fw ver

This is Check Point's software version R80.10 - Build 423

[Expert@GW:0]# cpconfig

This program will let you re-configure

your Check Point products configuration.

Configuration Options:

----------------------

(1)  Licenses and contracts

(2)  SNMP Extension

(3)  PKCS#11 Token

(4)  Random Pool

(5)  Secure Internal Communication

(6)  Enable cluster membership for this gateway

(7)  Disable Check Point SecureXL

(8)  Automatic start of Check Point Products

(9) Exit

Enter your choice (1-9) :

Only thing I can think of is maybe the gateway is configured as standalone (with firewall and management on same box)?

When I run cpconfig on my management box, the "SIC" option is not shown:

[Expert@mgmt:0]# cpconfig

This program will let you re-configure

your Check Point Security Management Server configuration.

Configuration Options:

----------------------

(1)  Licenses and contracts

(2)  Administrator

(3)  GUI Clients

(4)  SNMP Extension

(5)  Random Pool

(6)  Certificate Authority

(7)  Certificate's Fingerprint

(8)  Automatic start of Check Point Products

(9) Exit

Enter your choice (1-9) :

In which case, your best course of action is reimage the appliance. 

Re: Reset SIC On R80.10 Gateway?

Jump to solution

My cpconfig output looks like the 2nd one, so it must have been set up as standalone. I agree re-imaging will be much easier. I never would have thought of that, thanks!

0 Kudos
Admin
Admin

Re: Reset SIC On R80.10 Gateway?

Jump to solution

It's worth nothing that in the second case, you can reset SIC by using the command fwm sic_reset

This resets the internal CA and will break anything that relies on it (SIC with other gateways, VPN certificates, etc).

However, that won't turn a standalone gateway into a gateway that can be externally managed.

0 Kudos