Re-Establishing SIC Trust for a Secondary Multi-Domain Server

Important - You can only re-establish SICClosed Secure Internal Communication. The Check Point proprietary mechanism with which Check Point computers that run Check Point software authenticate each other over SSL, for secure communication. This authentication is based on the certificates issued by the ICA on a Check Point Management Server. trust on a Secondary Multi-Domain ServerClosed Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS. or Multi-Domain Log Servers. There is no option to establish SIC trust on the Primary Multi-Domain Server.

It is occasionally necessary to re-establish trust between a Primary and secondary Multi-Domain Server or Multi-Domain Log ServerClosed Dedicated Check Point server that runs Check Point software to store and process logs in a Multi-Domain Security Management environment. The Multi-Domain Log Server consists of Domain Log Servers that store and process logs from Security Gateways that are managed by the corresponding Domain Management Servers. Acronym: MDLS.. This can occur for many reasons, including:

To re-establish SIC trust:

  1. Open a command line interface to the Secondary Multi-Domain Server or Multi-Domain Log Server.

  2. Log in and run: mdsconfig

  3. Enter the number for Secure Internal Communication, and then press Enter.

  4. Enter y to confirm.

  5. Enter and confirm the activation key.

  6. Enter the number for Exit.

  7. Wait for Check Point processes to stop and automatically restart.

  8. In the SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. Multi-Domain view, double-click a Secondary Multi-Domain Server or Multi-Domain Log Server object.

  9. In the Multi-Domain Server window, click Connect.

  10. In the Initialize SIC window, enter activation key that you entered in step 5 above.

    If successful, the Certificate State field shows Trust established.