- Connect to the command line on the Security Gateway / Cluster member (over SSH or console).
Note: For a cluster, perform this procedure on the Standby member first and then on the Active member.
- Go to the Check Point menu:
[Expert@HostName]# cpconfig
- Choose option 5 “Secure Internal Communication” from the menu by typing 5 and pressing “Enter”:
- You will be asked if you wish to re-initialize the communication. Press “y” and then press “Enter”:
- You will be asked again if you want to re-initialize the communication. Press “y” and then press “Enter”:
- You will be prompted to enter the new “SIC” key. Make sure to enter the same key in both fields. Once done typing, press “Enter”:
- The key will be reinitialized. Wait until you see that the key was “successfully initialized”. Once done, choose the option “Exit” and press “Enter”:
- The Check Point processes will be restarted. This will take a few minutes. Once completed, you will be returned to the command line. This ends the process on the Security Gateway side.
Note: The Security Gateway will run the default policy until a policy is installed. It is recommended to install policy as soon as the SIC has been reset on your Management Server.
Perform the following procedure on the Security Management Server:
- Connect with SmartDashboard to the Security Management Server / Domain Management Server (CMA).
- Open the Security Gateway object for which you reset the SIC:
- Click on the “Communication” button:
Note: For a cluster, perform this procedure on each cluster member, on the Standby member first and then on the Active member.
- Click the “Reset” button:
- You will be asked if you are sure you want to reset, click “Yes”:
- You will receive a notification that the reset is done. Click “OK”:
- Type in the new SIC key you have created on the Security Gateway, and click “Initialize”:
- Once the SIC has been initialized, you will see the certificate state icon turn green and the note “Trust established”:
- Click “OK” to close the Properties windows.
- Save the database: ‘File’ menu – ‘Save’.
- Install policy on the Security Gateway.
Note: The Security Gateway will run the default policy until a policy is installed. It is recommended to install policy as soon as the SIC has been reset.
Source: Checkpoint Website