How To Reset SIC On Checkpoint Firewall:

Raghavendra Seshumurthy
  1. Connect to the command line on the Security Gateway / Cluster member (over SSH, or console).Note: For cluster, perform this procedure on Standby member first and then on the Active.
  2. Go to the Check Point menu: [Expert@HostName]# cpconfigReset_Sic_1.jpg
  3. Choose option 5 “Secure Internal Communication” from the menu by typing number 5 and clicking “Enter”:Reset_Sic_2.jpg
  4. You will be asked if you wish to re-initialize the communication. Press on “y” and then click “Enter”:Reset_Sic_3.jpg
  5. You will be asked again if you want to reinitialize the communication, Press on “y” and then click “Enter”:Reset_Sic_4.jpg
  6. You will be prompted to enter the new “SIC” key. Make sure to enter the same key in both fields. Once done typing, click “Enter”:Reset_sic_5
  7. The key will be reinitialized, wait until you see the key was “successfully initialized”. Once done choose the option “Exit” and click “Enter”:
  8. The Check Point processes will be restarted. This will take a few minutes. Once completed, you will be returned to the command line. This ends the process on the Security Gateway side:Reset_Sic_7.jpg

Note: The Security Gateway will run the default policy until a policy is installed. It is recommended to install policy as soon as the SIC has been reset on your Management Server.

 

Perform the following procedure on the Security Management Server:

  1. Connect with SmartDashboard to Security Management Server / Domain Management Server (CMA).
  2. Open the Security Gateway object, for which you reset the SIC:
  3. Click on the “Communication” button:Note: For cluster, perform this procedure on each cluster member. On the Standby member first and then on the Active.
  4. Click the “Reset” button:
  5. You will be asked if you are sure you want to reset, click “Yes”:Reset_Sic_11
  6. You will receive a notification the reset is done. Click “OK”:Reset_Sic12
  7. Type in the new SIC key you have created on the Security Gateway, and click “Initialize”:Reset_Sic_13.jpg
  8. Once the SIC has been initialized, you will see the certificate state icon turn green and the note “Trust established”:Reset_Sic_14.jpg
  9. Click “OK” to close the Properties windows.
  10. Save the database: ‘File‘ menu – ‘Save‘.
  11. Install policy on the Security Gateway.

Note: The Security Gateway will run the default policy until a policy is installed. It is recommended to install policy as soon as the SIC has been reset.

Source: Checkpoint Website

Published by Raghavendra Seshumurthy

My name is Raghavendra Seshumurthy. Presently I am working as a technolgy manager for Microland Organization. I have experience on security/cloud products: F5, Checkpoint, ASA, PA, AWS, Bluecoat, VPN, PITC, Zscaler, Azure, GCP, network, security, cloud. This blog is created just to share thoughts on new technologies and features in the network, security and cloud environment.

3 thoughts on “How To Reset SIC On Checkpoint Firewall:”

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s