This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Franktum
Contributor
‎2024-05-13 07:10 AM

SIC certificate expired

Hi:

Today we realized the SIC certificate expired in 4 out of 3 gateways. In this SK you can read this certificates should be renewed automatically at the 75% threshold (Scenario 4) (https://support.checkpoint.com/results/sk/sk97691). The first thing we thought is the ports were closed but it doesn't seem so. Telnets from SMS to one gateway:

[Expert@SMS:0]# telnet 192.168.217.81 18191
Trying 192.168.217.81...
Connected to 192.168.217.81.
Escape character is '^]'.


[Expert@SMS:0]# telnet 192.168.217.81 18192
Trying 192.168.217.81...
Connected to 192.168.217.81.
Escape character is '^]'.

 

There is no connection to the 18210 and 18211 ports because the gateways are not listening on them:

[Expert@Gateway]# netstat -punta | grep 1821
[Expert@Gateway]#

 

SMS is R81.20 Take 41, gateways in R81.10 Take 130.

We'll reset the SIC manually but want to know why the SIC certificates weren't renewed automatically.

 

P.D. In Global properties > Firewall, Accept control connections option is enabled.

Any ideas?

Thanks in advanced

Regards

0 Kudos
1 Reply
G_W_Albrecht
Legend Legend
Legend
‎2024-05-13 07:17 AM

I would ask CP TAC !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top