How to reset SIC without restarting all Check Point processes

CPD is the process on the management server (MGT) and the gateway that maintains SIC.

ON THE GATEWAY

1- cp_conf sic init abc123 norestart - This resets the private keys on the gateway without restarting anything.
2- cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop" - This stops CPD.
3- cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd" - This starts CPD with the new keys installed.
4- cpwd_admin list - Lists the CP processes that are watched by the watchdog daemon (which restarts them in case they die).
5- cpwd_admin -? - Gives you tons of options to choose from.

So at this point the gateway is ready to be re-SIC'd with the management using the secret password "abc123"
(used only one time and not used again; it can be simple, as it is just used for setup and exchanging key material).
AND - the gateway has not reloaded the initial policy. It is still running with the old policy,
so if it was a standby member you can fail over to it if you want.
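
The gateway steps above as one shell function, followed by a check that CPD is running again. This is an added example, not part of the original post. The names reset_sic, cpd_state and SAMPLE_LIST are hypothetical, the sample listing is constructed, and the column layout of "cpwd_admin list" (APP PID STAT ..., with STAT E = executing, T = terminated) is an assumption about its output.

```shell
#!/bin/sh
# Added example: gateway-side SIC reset with a post-restart check.
# Assumes a Check Point shell where cp_conf, cpwd_admin and $CPDIR exist.

# Constructed sample of `cpwd_admin list` output (assumed column layout).
SAMPLE_LIST='APP        PID    STAT  #START  START_TIME             MON  COMMAND
CPD        4302   E     2       [10:12:01] 1/1/2020    Y    cpd
FWD        4310   E     1       [10:12:05] 1/1/2020    N    fwd'

# cpd_state: read `cpwd_admin list` output on stdin and print the STAT
# column of the CPD row. Returns non-zero if no CPD row is present.
cpd_state() {
    awk '$1 == "CPD" { print $3; found = 1 } END { exit !found }'
}

# reset_sic KEY: steps 1-3 from the post, then verify with step 4.
reset_sic() {
    key=$1
    if [ -z "$key" ]; then
        echo "usage: reset_sic <one-time-activation-key>" >&2
        return 2
    fi

    # Step 1: reset SIC with the one-time key, no process restarts.
    cp_conf sic init "$key" norestart || return 1

    # Steps 2 and 3: restart only CPD so it picks up the new keys.
    cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" \
        -command "cpd_admin stop" || return 1
    cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" \
        -command "cpd" || return 1

    # Step 4: confirm the watchdog lists CPD as executing.
    state=$(cpwd_admin list | cpd_state) || {
        echo "CPD is not listed by cpwd_admin" >&2
        return 1
    }
    if [ "$state" != "E" ]; then
        echo "CPD state is '$state', expected 'E'" >&2
        return 1
    fi
    echo "CPD is running; enter the same key on the management side"
}
```

Source the file on the gateway and call reset_sic with the one-time key; nothing runs until the function is called.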

ON THE MGT:
In the communication window for the gateway, enter the secret key 'abc123'.
This will allow the MGT and the GATEWAY to exchange key information and set up the SIC tunnel.
