Checkpoint – The Gentle SIC Reset


I found myself in an awkward situation the other weekend where I lost access to Check Point’s internal networks after switching over some networks due to anti-spoofing, and after a short adventure of spinning up a new management server in Azure, pointing the firewall to it and pushing a more permissive rule, I was back online!!!!

However, the problem now was that if I reset the SIC to point it back to the old management station, it would do a cpstop and cpstart, which would unload the happy policy and I would be back offline, and no, I could not go onsite!

The solution is to use the cp_conf sic init <password> norestart command in expert mode, which resets the SIC without restarting the Check Point services and so leaves the installed policy loaded.

Then we can do a soft stop and start with the following commands:

cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"

cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"

[Expert@FWG1:0]# cp_conf sic init 123456 norestart
initial_module:
Compiled OK.
initial_module:
Compiled OK.

Hardening OS Security: Initial policy will be applied
until the first policy is installed
The Secure Internal Communication was successfully initialized

[Expert@FWG1:0]# cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"
CPD stopped

cpwd_admin:
Process CPD (pid=29125) stopped with command "cpd_admin stop". Exit code 0.

[Expert@FWG1:0]# cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"
cpwd_admin:
Process CPD started successfully (pid=386)

After that I could reset the SmartDashboard side and reconnect it!!!!
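The same three commands wrapped in one guarded script, as an added example that is not from the original post or from Check Point. It assumes it runs in Expert mode on the gateway, and a CP_DRY_RUN=1 mode (my addition) only prints what would run so the sequence can be rehearsed off-box; the activation key is taken from a prompt or the CP_SIC_KEY variable rather than the command line, so it does not end up in .bash_history or in ps output the way the literal 123456 above does.

```bash
#!/bin/bash
# Added example: the post's "gentle" SIC reset as one script with checks.
# Assumptions: Expert mode on the gateway; CP_DRY_RUN=1 only prints commands.

# Run a command, or print it when rehearsing with CP_DRY_RUN=1.
cp_run() {
    if [ "${CP_DRY_RUN:-0}" = "1" ]; then
        printf 'DRY-RUN: %s\n' "$*"
        return 0
    fi
    "$@"
}

# Step 1: re-initialise SIC with norestart so the running policy stays loaded.
# The key comes from CP_SIC_KEY, never from argv, and is never echoed.
sic_init_norestart() {
    [ -n "$CP_SIC_KEY" ] || { echo "CP_SIC_KEY is empty" >&2; return 2; }
    if [ "${CP_DRY_RUN:-0}" = "1" ]; then
        echo 'DRY-RUN: cp_conf sic init <key redacted> norestart'
    else
        cp_conf sic init "$CP_SIC_KEY" norestart
    fi
}

# Step 2: soft-restart only cpd under cpwd instead of a full cpstop/cpstart.
cpd_soft_restart() {
    cp_run cpwd_admin stop  -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop" &&
    cp_run cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"
}

# Whole procedure; stops at the first failing step so the management side
# is only reset once the gateway side actually succeeded.
gentle_sic_reset() {
    sic_init_norestart && cpd_soft_restart
}

# When run directly on a terminal, prompt for the one-time key silently.
if [ "${BASH_SOURCE[0]}" = "$0" ] && [ -t 0 ] && [ "${CP_DRY_RUN:-0}" != "1" ]; then
    read -r -s -p "One-time SIC activation key: " CP_SIC_KEY; echo
    export CP_SIC_KEY
    gentle_sic_reset
fi
```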
