[northlandboy]

Joncon is correct.

z-wall, it sounds to me like you're a little confused as to the role of the SmartCenter Server, and the enforcement module. Remember, all your rulebases and objects are stored on the Server. When you install policy, it compiles the necessary files, and installs it on the enforcement module. You can easily push the same policy to another firewall, but it doesn't work the other way round - you can't recreate all your rulebases from the module.

As Joncon says, setup a new management station. Configure all new rules and objects to match whatever you think you used to have. Create a new firewall object to represent the existing module. Reset SIC on the module, establish it from SmartDashboard, and push policy.

Until you have a new policy ready to push, don't touch the existing firewall. Take a backup of the Nokia box, including backing up the Check Point config. Once you reset SIC, it will go back to default policy, until you push the new one. If your new policy doesn't work like you expected, you can either fix it, or if it's too much to fix quickly, you can restore from that backup.

I hope you don't have a complex rulebase, because frankly, you're stuffed if you do.

Once you do get it working, GET A BACKUP PROCESS IN PLACE! This also goes for the module. Run regular backups there too, it's very easy with IPSO.