This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Franktum
Contributor
‎2024-05-13 07:10 AM

SIC certificate expired

Hi:

Today we realized the SIC certificate expired in 4 out of 3 gateways. In this SK you can read this certificates should be renewed automatically at the 75% threshold (Scenario 4) (https://support.checkpoint.com/results/sk/sk97691). The first thing we thought is the ports were closed but it doesn't seem so. Telnets from SMS to one gateway:

[Expert@SMS:0]# telnet 192.168.217.81 18191
Trying 192.168.217.81...
Connected to 192.168.217.81.
Escape character is '^]'.


[Expert@SMS:0]# telnet 192.168.217.81 18192
Trying 192.168.217.81...
Connected to 192.168.217.81.
Escape character is '^]'.

 

There is no connection to the 18210 and 18211 ports because the gateways are not listening on them:

[Expert@Gateway]# netstat -punta | grep 1821
[Expert@Gateway]#

 

SMS is R81.20 Take 41, gateways in R81.10 Take 130.

We'll reset the SIC manually but want to know why the SIC certificates weren't renewed automatically.

 

P.D. In Global properties > Firewall, Accept control connections option is enabled.

Any ideas?

Thanks in advanced

Regards

0 Kudos
(1)
Who rated this post