Console password reset

[darkprince21]

Hi everbody,

How I can reset the console password ?

[varera]

Quote:

Originally Posted by darkprince21

Hi everbody,

How I can reset the console password ?

there are 3 different scenarios for this:

admin is lost, but expert is known
admin is known but expert is lost
both passwords are lost.

please specify your case.

If you have access to CP UC, look there for SPLAT Expert Mode Tips guide, it addresses all three cases.

[kaerez]

Quote:

Originally Posted by varera

there are 3 different scenarios for this:

admin is lost, but expert is known
admin is known but expert is lost
both passwords are lost.

please specify your case.

If you have access to CP UC, look there for SPLAT Expert Mode Tips guide, it addresses all three cases.

Not sure what you're talking about... :-)
s-box's do NOT have an expert mode - it's not SPLAT.
If you have another admin user - you can enter that way, if not - then if the appliance is managed by an SMP you can have the op.'s reset it.
If that's out - then only a reset.

[msjouw]

Quote:

Originally Posted by kaerez

If you have another admin user - you can enter that way, if not - then if the appliance is managed by an SMP you can have the op.'s reset it.

How do you do that through the Checkpoint SMS?
The only way I know is do a remote reset but then you can only set a new password by locally connecting to it. And this will only work when you have the 'old' management software running in the background.

[dantro]

Quote:

Originally Posted by varera

look there for SPLAT Expert Mode Tips guide

Valeri, this is Check Point VPN-1 Edge Appliances forum. Edges don't run on SecurePlatform (SPLAT).

Quote:

Originally Posted by msjouw

How do you do that through the Checkpoint SMS?

In Check Point SmartDashboard open your Edge object > Advanced > Configuration Script.
Fill in the following command:
add users name cpugadmin password {S}jj8xLictKC2I adminaccess readwrite vpnaccess true filteroverride false hotspotaccess false rdpaccess false expire never

Install the security policy to you Edge appliance and once the Edge pulled down its new policy you can login as cpugadmin/cpugadmin
The same way you could reset the console password for your admin user.

Why wasn't that clear to everyone?

[varera]

Quote:

Originally Posted by kaerez

Not sure what you're talking about... :-)
s-box's do NOT have an expert mode - it's not SPLAT.
If you have another admin user - you can enter that way, if not - then if the appliance is managed by an SMP you can have the op.'s reset it.
If that's out - then only a reset.

oops, my bad.

do not know any way other then go to factory default

you nay need to save config script to restore the policy settings. you will need to remove user/pasword part of the script manyally

[msjouw]

Dantro,

Very nice..... if it would work.
I get the validation error message Add without Clear at line 1.

[dantro]

So place a clear users
before the add users ... command. Similar to what can be found in a .cfg configuration export.

[Sergio Tachini]

i am find that the management console is not recording the logs all the time. It stops recording once or twice a day. Have you come across this?

[msjouw]

Dantro,

As we are using IP40, IP45 and IP60's (edge industrial) in different customer locations, this is sometimes a daunting task. These IP 4x's need a
set users # name cpugadmin password xxxxx etc command
this # is the user ID where for the admin user # = 1
So the Clear before a add is somewhat difficult to do as it also requires taht number. Even worse is that an IP4x will tell you that you cannot change tha password locally as 'This feature is remotely managed
The IP60's do not have these limitations.