San Jose Checkpoint Firewall (sjcp ) 10.224.88.1         10-10-2003
     Lisle Checkpoint Firewall (chicp) 10.224.89.1


To get access to sjcp (or chicp), use the Windows "Terminal Services"
client.  The userid/password is adminstrator/global.

Then you can launch any of the Checkpoint tools by using the desktop icons.
There's
 - Check Point Configuration Tool
 - Check Point FwPolicy
 - SecureUpdate
 - Checkpoint Log

There are 3 userids defined for these tools,
 - fwadmin (password is its2002)
 - mcrom
 - rick (read-only)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

On 10-10-2003, the Philadelphia guys had lost the "Pre-shared Secret"
for our VPN's and I had to poke around to find it.  To get it,
 - Launch the Policy Editor
 - Authenticate as fwadmin/its2002

There are 3 windows, not counting the tool bars.  It appears the list of things
in the bottom right window changes depending on what you click on in the left
window.  

In the left window,
 - Click on "Workstation" under the "Network Objects" folder.

Then in the bottom, right window,
 - Scroll through the list of workstations down to "ThomsonFirewall",
 - Right-Click to bring up the menu and 
 - Select "Edit..."

In the "Workstation Properties - ThomsonFirewall" window that pops up,
 - Select "VPN",
 - The "IKE" will be highlighted, click on "Edit..."

In the "IKE Properties" window that pops up,
under "Support authentication methods:",
the "Pre-Shared Secret" box should already be checked.
 - Click on the "Edit Secrets..." button.

In the "Shared Secret" window that pops up, once again,
 - Click on the "Edit" button.
And there, it finally tells you that the shared secret is "Mr.B1g".

That's what Mike Alvarez needed to know to get the Philly-Lisle & Philly-San Jose
VPN's working again.