Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
seanmc12
Contributor
Jump to solution

VPN Certificate Upgrade - VPN Disconnect?

Will Checkpoint VPN disconnect if I upgrade the Checkpoint VPN Certificate? I need to upgrade our VPN Cert, but do not want to disconnect any active sessions. I think the VPN clients will stay connect and renew once they disconnect and reconnect. Can anyone confirm. Not finding any verbiage in the documentation on that.

0 Kudos
1 Solution

Accepted Solutions
JozkoMrkvicka
Mentor
Mentor

This is not true. Only in case InternalCA cert (on management) is renewed, end users will need to accept new fingerprint.

If only VPN certificate (inside RA VPN gateway object) is about to be renewed, it will not disconnect any users and no need to accept any certificate.

See sk182070 for automatic IKE certificate renewal.

Kind regards,
Jozko Mrkvicka

View solution in original post

0 Kudos
(1)
3 Replies
G_W_Albrecht
Legend Legend
Legend

Are you talking about S2S or RA VPN ? RA VPN is the issue as clients must manually accept the new fingerprint...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
JozkoMrkvicka
Mentor
Mentor

This is not true. Only in case InternalCA cert (on management) is renewed, end users will need to accept new fingerprint.

If only VPN certificate (inside RA VPN gateway object) is about to be renewed, it will not disconnect any users and no need to accept any certificate.

See sk182070 for automatic IKE certificate renewal.

Kind regards,
Jozko Mrkvicka
0 Kudos
(1)
seanmc12
Contributor

Thank you.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events