This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
tavi0906
Contributor
‎2025-02-13 07:36 PM

disable ICA port

We need to disable the ICA port as we are not using it for CRL. 

is there a way to disable the service?

Please let us have the SK for it. 

 

0 Kudos
7 Replies
the_rock
MVP Platinum
MVP Platinum
‎2025-02-13 07:44 PM

You can run ps -auxw | grep 18265 and then once you have an ID, run kill -9 pid (whatever the number)

Alternatively, you can create a rule to block it. Btw, are you sure its not needed at all? ICA is as a matter of fact authority responsible for issuing certificates for SIC.

Andy

Best,
Andy
0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2025-02-13 07:48 PM

Here is the sk.

Andy

https://support.checkpoint.com/results/sk/sk30501

https://support.checkpoint.com/results/sk/sk102837

 

If ICA Management Tool is currently enabled (ON), but is not needed, then perform one of the following:

  • Either disable ICA Management Tool:

    • On Security Management Server

      [Expert@HostName]# cpca_client set_mgmt_tool off

    • On Multi-Domain Security Management Server

      [Expert@HostName]# mdsenv Domain_Name
      [Expert@HostName]# cpca_client set_mgmt_tool off
Best,
Andy
0 Kudos
PhoneBoy
Admin
Admin
‎2025-02-13 08:47 PM
In response to the_rock

That’s for the ICA Management Tool, not the CRL.

SIC (used for firewall/management communication) uses certificates for authentication.
A CRL is a critical part of that process and cannot be disabled.

the_rock
MVP Platinum
MVP Platinum
‎2025-02-14 04:21 AM
In response to PhoneBoy

Good point. Not sure if what I said in my first reply would even work then...

Andy

Best,
Andy
0 Kudos
tavi0906
Contributor
‎2025-02-16 07:40 PM
In response to PhoneBoy

is there any specific command to restart the ICA services or do i need to restart the firewall?

0 Kudos
PhoneBoy
Admin
Admin
‎2025-02-17 03:40 PM
In response to tavi0906

While I believe it's the cpd process that needs to be killed, it's best to perform a cprestart here (which if executed on a gateway, will "restart the firewall").

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2025-02-14 05:38 AM

FWIW, this is what AI Copilot gave...

Andy

********************************************

Disabling the ICA (Internal Certificate Authority) port on Check Point is not recommended as it is crucial for the secure communication between the Security Management Server and the Security Gateways. The ICA is responsible for issuing certificates for authentication and is an integral part of the Check Point security infrastructure.

However, if you have a specific requirement or issue, please provide more details so I can assist you better. If you need to restrict access to the ICA port, you can consider configuring firewall rules to control the traffic.

Learn more:
  1. Quantum Spark R80.20.10 Locally Managed Administration Guide for 1500 Appliances - Managing-System-S...
  2. R77 Versions Installation and Upgrade Guide for Non-Gaia Platforms - 16248
  3. Quantum Spark R80.20.15 Locally Managed Administration Guide for 1500 Appliances - Managing-System-S...
  4. R82 Security Management Administration Guide - cpca_client-get_crldp
  5. R77 Versions Installation and Upgrade Guide for Gaia Platforms - 16248
  6. sk172384 - Port Scanning shows Port 12873 is open on the Security Gateway
  7. R80.40 Remote Access VPN Administration Guide - Check-Point-VPN
  8. R81 Remote Access VPN Administration Guide - Check-Point-VPN
  9. sk99130 - SIC with the Security Gateway breaks every few days and SIC error "Authentication error [e...
  10. sk52421 - Ports used by Check Point software
Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events