CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Thread: Lost my only FW-1 Management/SmartCenter Server

  1. #1
    Join Date
    2006-08-10
    Posts
    3
    Rep Power
    0

    I had a meltdown of our only FW-1 Management/SmartCenter server in a datacenter disaster. I tried installing the SmartCenter software on a new box and tried connecting to the firewall, to no avail.

    How can I go about getting a new Management/SmarCenter Server to talk to the firewall?

    We are using NG with AI. Any help would be much appreciated.

  2. #2
    Join Date
    2006-06-08
    Location
    UK
    Posts
    149
    Rep Power
    15

    Assuming you have backups this should be achievable. What platform is NG running on?

  3. #3
    Join Date
    2006-07-28
    Location
    San Francisco, USA
    Posts
    2,494
    Rep Power
    16

    This should be pretty simple... provided you have proper backups of your SmartCenter Server.

    You would just need to install Check Point on your new system, restore from backup, et voila! It should all just work.

    It sounds like you might have just installed Check Point without restoring anything from backup - in which case SIC will not be established. For that matter, the server won't have any records of the rulebases, objects, etc.

    So which is it? Did you restore from backup? Using which method?

    If you don't have a backup, there is nothing you can do. Leave the current firewall running untouched, and create entirely new objects and rulebases.

  4. #4
    Join Date
    2006-08-10
    Posts
    3
    Rep Power
    0

    This is the worst case scenario... I do not have any backups of the SmartCenter server whatsoever.

    Check Point NG with AI is running on a Nokia (IPSO). The SmartCenter server was running on Win2K.

    northlandboy... when you say "Leave the current firewall running untouched, and create entirely new objects and rulebases."... does this mean that a new SIC will be established and I just do a "Save As" and save the rulebase?

  5. #5
    Join Date
    2006-06-08
    Location
    UK
    Posts
    149
    Rep Power
    15

    z-wall,

    You will have to re-create all objects and the rulebase on your 'new' management station. You will then have to reset SIC between the management station and the firewall to enable them to talk to each other. Once you have initiated SIC, push down your 're-created' policy onto the firewall.

  6. #6
    Join Date
    2006-07-28
    Location
    San Francisco, USA
    Posts
    2,494
    Rep Power
    16

    Joncon is correct.

    z-wall, it sounds to me like you're a little confused as to the role of the SmartCenter Server, and the enforcement module. Remember, all your rulebases and objects are stored on the Server. When you install policy, it compiles the necessary files, and installs it on the enforcement module. You can easily push the same policy to another firewall, but it doesn't work the other way round - you can't recreate all your rulebases from the module.

    As Joncon says, set up a new management station. Configure all new rules and objects to match whatever you think you used to have. Create a new firewall object to represent the existing module. Reset SIC on the module, establish it from SmartDashboard, and push policy.

    Until you have a new policy ready to push, don't touch the existing firewall. Take a backup of the Nokia box, including backing up the Check Point config. Once you reset SIC, it will go back to default policy, until you push the new one. If your new policy doesn't work like you expected, you can either fix it, or if it's too much to fix quickly, you can restore from that backup.

    I hope you don't have a complex rulebase, because frankly, you're stuffed if you do.

    Once you do get it working, GET A BACKUP PROCESS IN PLACE! This also goes for the module. Run regular backups there too, it's very easy with IPSO.

  7. #7
    Join Date
    2006-08-10
    Posts
    3
    Rep Power
    0

    I will give it a shot and put a backup process in place once everything is up and running.

    joncon and northlandboy, thanks for all your help... I really appreciate it!
