Hello All,
We were having Check Point 6400 (R80.40) in Active Active mode. Because of an electrical surge, the Active member blew out and the Standby one took the role of Active. However, when we are trying to log in to the now Active firewall, it is logging in in Read Only mode and we are not able to make any changes to the firewall.
We are seeing the following output while executing the "cphaprob state" command. Please could you assist with the possible solution. All the options in Smart Console are greyed out as well.
[Expert@HAL-VPN-FW3:0]# cphaprob state
Cluster Mode: High Availability (Active Up) with IGMP Membership
ID Unique Address Assigned Load State Name
2 (local) x.x.x.x 100% ACTIVE(!) HAL-VPN-FW3
Active PNOTEs: IAC
Last member state change event:
Event Code: CLUS-116505
State change: INIT -> ACTIVE(!)
Reason for state change: All other machines are dead (timeout), FULLSYNC P NOTE
Event time: Mon Jan 5 00:51:05 2026
Cluster failover count:
Failover counter: 0
Time of counter reset: Mon Jan 5 00:50:37 2026 (reboot)
R80.40 is long out of support and should be migrated to R82, which is currently Check Point's recommended release.
That said, I have a couple questions:
As everything is grayed out in SmartConsole, did you verify that you are logging in with a read-write account? Try to use the standard Gaia admin account in SmartConsole or add it via cpconfig (2 - Administrator) in expert mode. If even the admin account does not log in to SmartConsole in ReadWrite mode (SuperUser) permission, I suggest opening a service request.
Active(!) means that the node is active and forwarding packets but there is a cluster issue.
explained here:
So, as the second device seems to be out of order, the state is showing what it's expected to show.
Hey,
Mind sending output of below commands from both members?
cphaprob -a if
cphaprob -i list
cphaprob -l list
cphaprob syncstat
cphaprob roles
And on top of that: I'm still a bit confused about the issue.
You said that the active member blew out because of an electrical surge. So, is this node totally gone? Or is it up again? Could you let me know what's going on with this device?
Good point, Vince. That's what sort of confused me as well when I read the post.
Apologies, I should have been more elaborate. The previous Active firewall blew away and is gone. It is physically damaged beyond repair. The previous Standby has now taken the role of Active but Smart Console is opening in Read Only mode. cphaprob_state shows as ACTIVE(!)
Ah, so sorry to hear that : - (. So without it even being connected, makes sense why other one shows that.
Correct. The output in cphaprob stat is therefore entirely correct.
The question remains regarding the read-only behaviour; we would need more details for that. I haven't quite figured that out yet.
Yea, that baffles me a bit as well.
@the_rock , @Vincent_Bacher : As outlined in my first reply, this was probably an old and outdated Full HA cluster. As the primary cluster node, including the active management, died during the electrical surge, the secondary cluster node automatically went into active (!) mode and nobody made the standby management active yet, as this needs to be done manually. As a result, the remaining management still runs in standby mode and is therefore read-only.
@nilanjan_lahiri : Make your management active and login with a superuser account, typically the Gaia admin account, or use cpconfig to configure it. If none of this helps, open a service request with Check Point Support.
Blimey! Now I get it. Management and gateway on the cluster itself. Good heavens.
Ah, I get what you meant Danny. And yes, R80.40 is out of support, so even opening TAC case might not do much.
Maybe he can try this
# cpstop
# cpprod_util FwSetActiveManagement 1
# cpstart
Excellent idea!
Since the second device is irretrievably broken anyway, you could perhaps also enter the following:
cp_conf fullha del_peer
cp_conf fullha disable
But I've never played around with it before.
Now you got me so curious about it, I may build a lab just to test it myself.
Keep me posted.
@the_rock , @Vincent_Bacher : Don't forget that he doesn't have a cluster anymore and cpstop would also stop his only active cluster node causing a full production outage and maybe even kill his connection to the system.
In a standalone Check Point cluster node (where both the Security Gateway and the Security Management Server run on the same machine), if @nilanjan_lahiri wants to stop only the management services without affecting the firewall/gateway traffic, he should only stop the management processes.
@nilanjan_lahiri : Use SmartConsole to make your management active or run cpwd_admin to stop the management processes, make it active via cpprod_util and then start your management services again:
cpwd_admin stop -name FWM -path "$FWDIR/bin/fw" -command "fw kill fwm"
cpwd_admin:
Process FWM (pid=27613) stopped with command "fw kill fwm". Exit code 0.
cpprod_util FwSetActiveManagement 1
cpprod_util FwIsPrimary
1
cpwd_admin start -name FWM -path "$FWDIR/bin/fwm" -command "fwm"
cpwd_admin:
Process FWM started successfully (pid=28833)
Yes, sure, you're right.
I'll keep my fingers crossed that it works for you and that you can continue working for the time being.
Nevertheless, I would strongly recommend that you seriously consider a refresh and then, ideally, distributed or dedicated management. With backups and everything that goes with it, of course.
I could not agree more. Distributed environment is a way to go. I only know one customer we manage that always used standalone config, but it's most likely because they are a pretty small shop.
I was able to replicate it in the lab and yes, you are 100% right @Danny
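A monitoring check for the condition discussed in this thread, as an added example that is not part of any post above: it parses `cphaprob state` output (the sample is the output quoted in the first post) and reports the local member's state, the number of visible peers, and the reason for the last state change. The function names, the exit-code convention, and treating "no peer visible" as degraded are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: summarise `cphaprob state` output for a monitoring check.
# SAMPLE is the output quoted in the first post (address already redacted there).
SAMPLE='Cluster Mode: High Availability (Active Up) with IGMP Membership
ID Unique Address Assigned Load State Name
2 (local) x.x.x.x 100% ACTIVE(!) HAL-VPN-FW3
Active PNOTEs: IAC
Last member state change event:
Event Code: CLUS-116505
State change: INIT -> ACTIVE(!)
Reason for state change: All other machines are dead (timeout), FULLSYNC P NOTE'

# Reads cphaprob output on stdin and prints one line:
#   state=<S> peers=<N> pnotes=<P> reason=<R>
summarise_cluster() {
    awk '
        # Member rows start with a numeric ID; the local one carries "(local)".
        /^[0-9]+ / {
            members++
            if ($2 == "(local)") state = $(NF - 1)   # state is the column before the name
        }
        /^Active PNOTEs:/ { sub(/^Active PNOTEs:[ \t]*/, ""); pnotes = $0 }
        /^Reason for state change:/ { sub(/^Reason for state change:[ \t]*/, ""); reason = $0 }
        END {
            printf "state=%s peers=%d pnotes=%s reason=%s\n", state, members - 1, pnotes, reason
        }'
}

# Exit status (assumed convention): 0 healthy, 1 degraded, 2 unparsable.
# Degraded means the state carries the "(!)" problem flag or no peer row is present.
check_cluster() {
    summary=$(summarise_cluster)
    case "$summary" in
        "state= "*) return 2 ;;                 # no local member row found
        *"(!)"*|*"peers=0 "*) return 1 ;;       # cluster issue or lone member
        *) return 0 ;;
    esac
}

# Stand-alone run: print the summary for the sample from the thread.
printf '%s\n' "$SAMPLE" | summarise_cluster
```
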