This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ICSI
Collaborator
‎2023-06-28 12:14 PM
Jump to solution

SMB Spark Appliance 1590, lost administrador password?

Ladies and gentlemen, I have news: No documentation will tell you that "THERE IS NO WAY TO RESET IT".

You can stop reading, suck it up and start over from scratch or read my dilemma! 😄

If you forget your admin password, you will be locked out without access to your appliance. There is no procedure or app that will help you to gain access to it again. The only way is by doing a factory reset and to start typing all over again. That means the configuration you had, should be created again. You will have to make again: All the VLANs, VPNs, users, open ports, closed ports, blocked websites, unblocked websites, objects, etc.

Unless you are smarter than me and have documented all your changes and configurations, which I did not, then it will be easier to get back into your feet.

What happened to me is that I received an RMA appliance, created a default account, and "activated it, but it did not download the licenses (red flag), so anyways, I restored my configuration everything was perfect. I was able to log in with my admin. All my users and devices were happy. Then I created a ticket to ask for support to activate the license. I was recommended to do it using the webui "home/license/Activate" or to do it "manually" with the license received from tech support.

While waiting for advice, "because the user center was down," I needed to wait for hours because that could have been the cause. I decided to change my admin id and password for security reasons. I never thought that I could need to factory reset the device again. So after updating, I made notes with the "new" username and password and deleted my old admin/pass (mistake#1). Usually, I save a copy of it for crazy reasons, BUT IN THIS PARTICULAR case, I did not.

Guess what? The recommendation was to factory reset the device and activate the license with a new xml file. I happily did it, created a basic default configuration, and took notes of temporary id n pasw. Followed the tech support recommendations, the appliance was finally licensed and I was at peace and hopeful. Now it was time to restore my configuration. Oh Boy!, I forgot that after restoring my old setup, it will populate the old user admin and pass, and the temporary one will be lost.

I spoke to the tech support guys, and they explained to me that it's a security feature, etc., but I need more than that because, in the end, all the hours invested in my configuration and specific business needs are gone. Now, I have to start over from scratch, day 0.

So if you are in a similar situation, do not look more!

The solution, Do the following:

Get coffee, and order a medium size pizza because it is going to be a long night. Call home and tell them you are not going tonight, and start typing and setting up your configuration. Hopefully, you have documented everything, which I still need to do.

Good luck!

Regards,

Oscar Catana
https://ipthub.com

Cyber Sec Passionate!
0 Kudos
4 Solutions

Accepted Solutions
Amir_Ayalon
Employee
Employee
‎2023-06-29 12:00 AM
Jump to solution

Hi

I'm sorry you had bad upgrade experience. usually it works vert smoothly, in your case, it appear it wasn't..

In Any Case, Reset Password is indeed a very important feature, that can save the day in a few cases, that why' I'm happy to announce the feature will be added soon, and will be available in R81.10.08.

Actually, EA for this feature is about to start, so those who want to join - are welcome.

And again, sorry for your troubles, and thanks for the feedback.

 

View solution in original post

PhoneBoy
Admin
Admin
‎2023-06-29 10:05 AM
Jump to solution

Unfortunately, you are correct that locally managed SMB appliances require a factory reset if the admin password is lost/forgotten.
See: https://support.checkpoint.com/results/sk/sk119633 
However, it is nice to see we are adding a feature to address this issue.

View solution in original post

Chris_Atkinson
Employee Employee
Employee
‎2023-09-04 05:43 AM
In response to ICSI
Jump to solution

R81.10.08 is now available per sk181079.

CCSM R77/R80/ELITE

View solution in original post

0 Kudos
(1)
ICSI
Collaborator
‎2023-09-05 12:58 PM
In response to Chris_Atkinson
Jump to solution

I just upgraded my appliance and it works great! well, I have not tested the password reset, but soon! as well I updated in a few of my other customers appliances. 

After upgradingAfter upgradingWhat you get!What you get!

 

 

 

Regards,

Oscar Catana
https://ipthub.com

Cyber Sec Passionate!

View solution in original post

0 Kudos
10 Replies
Amir_Ayalon
Employee
Employee
‎2023-06-29 12:00 AM
Jump to solution

Hi

I'm sorry you had bad upgrade experience. usually it works vert smoothly, in your case, it appear it wasn't..

In Any Case, Reset Password is indeed a very important feature, that can save the day in a few cases, that why' I'm happy to announce the feature will be added soon, and will be available in R81.10.08.

Actually, EA for this feature is about to start, so those who want to join - are welcome.

And again, sorry for your troubles, and thanks for the feedback.

 

ICSI
Collaborator
‎2023-06-29 09:44 AM
In response to Amir_Ayalon
Jump to solution

That is a huge headache an almost a no-no thing.  I would like to join your Early Adoption program, let me know how. Today I still struggling with the configuration. Had to reset it one more time, VLans, VPns, etc. now I am documenting.

Regards,

Oscar Catana
https://ipthub.com

Cyber Sec Passionate!
0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-06-29 03:08 AM
Jump to solution

This is only an issue with locally managed SMBs - if centrally managed with SIC established you can change it from SMS CLI.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
ICSI
Collaborator
‎2023-06-29 09:45 AM
In response to G_W_Albrecht
Jump to solution

Hi @G_W_Albrecht  thank you for your note. 

I read about that too, I believe that there should be a big enough market that is not being centrally managed. Like most of my SMB clients and now myself. 

Until today, is a serious problem. 

Regards,

Oscar Catana
https://ipthub.com

Cyber Sec Passionate!
0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-06-30 12:55 AM
In response to ICSI
Jump to solution

No, this is rather an issue with password storage / safety in SMBs. In a larger company, you are forced to document all credentials according to internal regulations, and they will even be kept for a certain time after being used.

This is no serious problem for anybody aware of security considerations. If you steal my GW, you will at least not get my data...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
ICSI
Collaborator
‎2023-07-02 02:08 PM
In response to G_W_Albrecht
Jump to solution

Thanks @G_W_Albrecht its good that you can notice it. But I believe that when humans are involved, you are screwed at certain point. 😄 - I have corporate experience and gov, and I understand perfectly your point. Best!!

Regards,

Oscar Catana
https://ipthub.com

Cyber Sec Passionate!
0 Kudos
PhoneBoy
Admin
Admin
‎2023-06-29 10:05 AM
Jump to solution

Unfortunately, you are correct that locally managed SMB appliances require a factory reset if the admin password is lost/forgotten.
See: https://support.checkpoint.com/results/sk/sk119633 
However, it is nice to see we are adding a feature to address this issue.

ICSI
Collaborator
‎2023-06-29 10:07 AM
In response to PhoneBoy
Jump to solution

Thank you! yes, I saw that SK119633 at 1am :(. 

I am down to be part of your EA for the next firmware update/release what allows that. 

 

Regards,

Oscar Catana
https://ipthub.com

Cyber Sec Passionate!
0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-09-04 05:43 AM
In response to ICSI
Jump to solution

R81.10.08 is now available per sk181079.

CCSM R77/R80/ELITE
0 Kudos
(1)
ICSI
Collaborator
‎2023-09-05 12:58 PM
In response to Chris_Atkinson
Jump to solution

I just upgraded my appliance and it works great! well, I have not tested the password reset, but soon! as well I updated in a few of my other customers appliances. 

After upgradingAfter upgradingWhat you get!What you get!

 

 

 

Regards,

Oscar Catana
https://ipthub.com

Cyber Sec Passionate!
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events