Link to home
Avatar of funray
funray

asked on

cannot install checkpoint policy

I have the need for some help with my old checkpoint NG FP3

I have tried to revoke and create a new IKE Cert for use in my vpn and now my policy will not install

When I try to push the policy, it verifies and then sits on installing (for hours) with no errors .

I can abort and no policy changes were put in place (as in the old policy is still active)

HELP!
Ray
Avatar of Sandy
Sandy
Flag of India image

i believe you need to select the appropriate cert in tunnel config also. Please check
Avatar of funray
funray

ASKER

There is no where to select the cert in the tunnel config.  All I can do is select participating gateways

To be clear
1. I have revoked and created a new cert (using internal CA) on the checkpoint node
Before I could do this I had to remove the CP object as a participating gateway in the tunnel.

2. when I try to push the policy, the progress shows that it verifies OK but will not push the policy in. it just waits to infinity.  

3. The smartdashboard does not lock up, I am able to abort the push, and the old policy is still in place

it is as if the pushing is waiting for something to happen and it has no timeout
ASKER CERTIFIED SOLUTION
Avatar of funray
funray

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of funray

ASKER

The reason is because I figured it out on my own.