Re-Establishing SIC Trust for a Secondary Multi-Domain Server
|
|
Important - You can only re-establish SIC |
It is occasionally necessary to re-establish trust between a Primary and secondary Multi-Domain Server or Multi-Domain Log Server
Dedicated Check Point server that runs Check Point software to store and process logs in a Multi-Domain Security Management environment. The Multi-Domain Log Server consists of Domain Log Servers that store and process logs from Security Gateways that are managed by the corresponding Domain Management Servers. Acronym: MDLS.. This can occur for many reasons, including:
-
Changes to the IP address of the Primary Multi-Domain Server, Secondary Multi-Domain Server or Multi-Domain Log Server
Dedicated Check Point server that runs Check Point software to store and process logs. -
Failure and recovery of the Primary Multi-Domain Server
-
Promotion of a Secondary Multi-Domain Server to Primary Multi-Domain Server
-
Internal Certificate Authority (ICA
Internal Certificate Authority. A component on Check Point Management Server that issues certificates for authentication.) failure on the Primary Multi-Domain Server
To re-establish SIC trust:
-
Open a command line interface to the Secondary Multi-Domain Server or Multi-Domain Log Server.
-
Log in and run:
mdsconfig -
Enter the number for Secure Internal Communication, and then press Enter.
-
Enter
yto confirm. -
Enter and confirm the activation key.
-
Enter the number for Exit.
-
Wait for Check Point processes to stop and automatically restart.
-
In the SmartConsole
Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. Multi-Domain view, double-click a Secondary Multi-Domain Server or Multi-Domain Log Server object. -
In the Multi-Domain Server window, click Connect.
-
In the Initialize SIC window, enter activation key that you entered in step 5 above.
If successful, the Certificate State field shows Trust established.