Reconnect Tool

You can use the Reconnect tool to reconnect all your Endpoint Security clients to a new Endpoint Security Management ServerClosed A Security Management Server that manages your Endpoint Security environment. Includes the Endpoint Security policy management and databases. It communicates with endpoint clients to update their components, policies, and protection data..

Windows

Note - For limitations, see sk92329.

To use the Reconnect tool:

  1. Export a software package. See Manual Deployment of Endpoint Clients .

  2. Transfer the config.dat file from the Endpoint Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. to a local machine where you have installed the SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on.:

    1. Verify if the config.dat file exists on the Endpoint Management Server. To verify:

      1. Connect to the Endpoint Management Server through SSH, for example, using PuTTY.

      2. Run:

        ls $FWDIR/conf/SMC_Files/uepm/DA

        Output : 

        admin.p12 config.dat

    2. Connect to the Endpoint Management Server using a file transfer application, for example, WinSCP.

    3. Navigate to root\var\opt\CPSuite<Version>\fw1\conf\SMC_Files\uepm\DA.

    4. Transfer the config.dat file to the local machine.

  3. From the machine where you have the SmartConsole installed, open the Command Prompt window by selecting Run an Administrator.

    • For SmartConsole R80 and lower, run:

      cd C:\Program Files(x86)\CheckPoint\SmartConsole\<VERSION>\PROGRAM\data\RepWorkFolder\INVOKE

      Output:

      C:\Program Files(x86)\CheckPoint\SmartConsole\<VERSION>\PROGRAM\data\RepWorkFolder\INVOKE

    • For SmartConsole R81.10 and higher, run:

      cd C:\Program Files(x86)\CheckPoint\SmartConsole\<version>\Program\util\RepWorkFolder\INVOKE

      Output:

      C:\Program Files(x86)\CheckPoint\SmartConsole\<version>\Program\util\RepWorkFolder\INVOKE

  4. Run:

    C:\Program Files(x86)\CheckPoint\SmartConsole\<version>\Program\util\RepWorkFolder\INVOKE> maketool.bat <path to the location of config.dat> [client_uninstall_password set in the old Web Management Portal]

    The system creates the Reconnect.exe file in the INVOKE folder. For example, in the directory C:\Program Files(x86)\CheckPoint\SmartConsole\<version>\Program\util\RepWorkFolder\INVOKE.

    Notes:

    • client_uninstall_password is optional. If you do not provide it here, you must enter the password when running the Reconnect tool.

    • To run the command in silent mode, run maketool.bat/silent <path to the location of config.dat> [client_uninstall_password]

    • If the client uninstall password contains special characters, enter the password within quotations. For example, example, "!1@3$5^7*9". For special cases, link.

  5. Transfer and run the Reconnect.exe file on the endpoints.

  6. Follow the on-screen instructions.

    The Reconnect tool runs and reconnects the Endpoint Security clients to the new Endpoint Management Server.

  7. Stop all the daemons.

  8. Replace the configuration file.

  9. Reload the daemon.

    The Reconnect tool runs and reconnects endpoints to the new Endpoint Management Server.

    Note - If Endpoint Security clients with version E85.60 and higher cannot connect to the new Endpoint Management Server, your Endpoint Security client may still be connected to the old Endpoint Management Server. For more information, see sk92329.