- CheckMates
- :
- Products
- :
- Quantum
- :
- SMB Gateways (Spark)
- :
- Re: Password Reset | CLI | 1500
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Password Reset | CLI | 1500
Hi Guys,
One of our customers lost his admin password for the firewall and requested to reset it. Can anyone help me with the steps or guide?
TIA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there any access to the appliance at all or he lost the password for the only admin account configured?
If this is a centrally managed appliance you can look at: https://support.checkpoint.com/results/sk/sk119633
Alternately if it's locally managed it may need to be factory reset, in the current EA version a new feature has been added to help avoid such scenarios.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Chris,
He only lost the admin password. We believe we can get an SSH session but won't be able to log in.
Also, it's a locally managed firewall. Is there any solution to recover the password without resetting the device?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
It means we have to reset the box right?
TIA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes. Unless you have an another admin account that still works
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Unfortunately, the customer doesn't have any other account.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Too bad. Any existing backup of that appliance?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
yeah we have 03 month old backup
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, this is better than nothing. Perform a factory reset, set up two admin accounts, just in case, and see if you can restore your policies from that backup or not. Plan for an extensive downtime while you do that, or, if you have another appliance handy, try doing it in the lab first, to see if it works.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It will replace the passwd and shadow files. You can change the passwd in backup, see https://community.checkpoint.com/t5/SMB-Gateways-Spark/Replace-expert-password-on-SMB-Appliance/m-p/...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for sharing, I see a way out here 🙂
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Another alternative, use USB media during boot: https://community.checkpoint.com/t5/SMB-Gateways-Spark/set-expert-password-hash-using-autoconf-clish...
Not sure if this works on a configured appliance, but could be tested.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Backup contains the old password...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Will it remove the second admin account created on the device; as I suggested above?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you, guys, for your great support. found an another login and we logged into the firewall using that account
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fantastic news, thanks for sharing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
why can't there be a reset button like synology which requires physical access to push button to default admin password?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We don't have a default admin password.
There is an option to perform a factory reset with physical access, however: https://support.checkpoint.com/results/sk/sk98549