I found myself in an awkward situation the other weekend: I lost access to Check Point’s internal networks after switching over some networks, due to anti-spoofing. After a short adventure of spinning up a new management server in Azure, pointing the firewall to it and pushing a more permissive rule, I was back online!!!!
However, the problem now was that if I reset the SIC to point it back to the old mgmt station, it would do a CPSTOP and CPSTART, which would unload the happy policy and I would be back offline, and no, I could not go onsite!
The solution is to use the cp_conf sic init <password> norestart command in expert mode to reset the SIC without all that annoying stuff happening.
Then we can do a soft stop and start with the following commands:
cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"
cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"
[Expert@FWG1:0]# cp_conf sic init 123456 norestart
initial_module: Compiled OK.
initial_module: Compiled OK.
Hardening OS Security: Initial policy will be applied until the first policy is installed
The Secure Internal Communication was successfully initialized
[Expert@FWG1:0]# cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"
CPD stopped
cpwd_admin: Process CPD (pid=29125) stopped with command "cpd_admin stop". Exit code 0.
[Expert@FWG1:0]# cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"
cpwd_admin: Process CPD started successfully (pid=386)
After that I could reset the SmartDashboard side and reconnect it!!!!