How to restart services on a Check Point firewall in order to use the sdopts.rec file
3 years ago
Originally Published: 2018-03-02
Article Number
000054825
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
Issue

Knowledge article 000029015 - Why an IP address override can fix an initial authentication failures with RSA Authentication Manager when the error Authentication Method Failed displays explains how to fix initial authentication failures and why an an IP address override works.

IP address overrides can be configured for any agent that leverages the sdopts.rec file.  Despite creating the sdopts.rec, it never seems to work on a Check Point firewall agent (even after a reboot of the Check Point), which uses the RSA Authentication Manager API.

A search of older knowledge base articles using "Check Point" AND "Node Secret" all reference the need to restart Check Point services, but neglect to mention the syntax for this.
Tasks
To read in the sdopts.rec,
  1. Stop Check Point firewall services.
  2. Start Check Point firewall services.
Resolution
At the Linux command prompt on the Check Point, run the following commands: 
cpstop 
cpstart

Very old Check Point firewalls use the following syntax 
fwstop                
fwstart


                                     
Notes
If your Check Point agent entry has the IP address 192.168.22.14 in the Authentication Manager Security Console (Access > Authentication Agents > Manage Existing), then that is the IP address to use as the IP address override value in the sdopts.rec. 
  1. If an sdopts.rec does not exist on the Check Point, create a text file in Notepad or another text editor.  If one exists, open the existing file.
  2. Use the following syntax:
CLIENT_IP=192.168.22.14

Related Articles

Trending Articles

Don't see what you're looking for?