https://community.checkpoint.com/t5/Cloud-Firewall/vSEC-Controller-enforce-Datacenter-Objects-on-more-gateways/m-p/205288#M4581 <P>Hello Tomlev,&nbsp;</P><P>Thank you for your reply.&nbsp;</P><P>In the "cpstat vsec" table there are 2 clusters and 17 VS</P><P>Also some VS are not listed in the "vsec_controller_cli" list 12&nbsp; of them are missing, Now i am not sure why i have only 85 objects in the list, is this a limitation, should i change a kernel parameter?</P><P>There are some error losgs in the $MDS_FWDIR/log/cpm.elg should i look for something specific ?</P><P>The SMS is running Gaia R81.10 JHFT 110</P><P>Thank you!</P> Wed, 07 Feb 2024 11:01:04 GMT Daniel_Ionut_Ba 2024-02-07T11:01:04Z https://community.checkpoint.com/t5/Cloud-Firewall/vSEC-Controller-enforce-Datacenter-Objects-on-more-gateways/m-p/205073#M4578 <P>Hello Checkmates,</P><P><BR />In our DC we have a VSX cluster with 95 VS running on it, we also deployed an on-prem Cloudguard that should filter the ACI traffic. At the moment 19 gateways enforce the Datacenter Objects when running the command "cpstat vsec"</P><P>&nbsp;</P><P>vSEC Controller Status: on<BR />Number of disconnected Data Centers: 0<BR />Number of Data Centers: 2<BR />Number of imported Data Center objects: 461<BR />Number of gateways enforcing Data Center objects: 19</P><P>&nbsp;</P><P><BR />Also, in the " CloudGuard Controller Service Manager Menu" (vsec_controller_cli) there are only 85 VS gateways out of 95 listed</P><P>We are using Datacenter Object for all the tenants and i don't know how i can enforce the datacenter objects on more VS or what is the issue that the Datacenter Objects are enforced on only 19 GW.</P><P>The 2nd topic would be how i can add all 95 or more gateways to the " CloudGuard Controller Service Manager Menu" list</P><P>I have opened a TAC case for this issue but there is no real progress with it, only trial-and-error solutions.</P><P>Thank you for your support!</P><P>&nbsp;</P> Mon, 05 Feb 2024 15:47:16 GMT https://community.checkpoint.com/t5/Cloud-Firewall/vSEC-Controller-enforce-Datacenter-Objects-on-more-gateways/m-p/205073#M4578 Daniel_Ionut_Ba 2024-02-05T15:47:16Z https://community.checkpoint.com/t5/Cloud-Firewall/vSEC-Controller-enforce-Datacenter-Objects-on-more-gateways/m-p/205078#M4579 <P>What version and JHF take is your management? In the 'cpstat vsec' output there should be a table with the GWs. Could it be that it shows only the physical clusters and not the virtual ones?</P> <P>As for the cli, I'd install policy on one of the missing again, to make sure it is not the issue.<BR />Are there any errors in $MDS_FWIDR/log/cpm.elg or $MDS_FWIDR/log/cloud_proxy.elg?</P> Mon, 05 Feb 2024 17:03:51 GMT https://community.checkpoint.com/t5/Cloud-Firewall/vSEC-Controller-enforce-Datacenter-Objects-on-more-gateways/m-p/205078#M4579 tomlev 2024-02-05T17:03:51Z https://community.checkpoint.com/t5/Cloud-Firewall/vSEC-Controller-enforce-Datacenter-Objects-on-more-gateways/m-p/205288#M4581 <P>Hello Tomlev,&nbsp;</P><P>Thank you for your reply.&nbsp;</P><P>In the "cpstat vsec" table there are 2 clusters and 17 VS</P><P>Also some VS are not listed in the "vsec_controller_cli" list 12&nbsp; of them are missing, Now i am not sure why i have only 85 objects in the list, is this a limitation, should i change a kernel parameter?</P><P>There are some error losgs in the $MDS_FWDIR/log/cpm.elg should i look for something specific ?</P><P>The SMS is running Gaia R81.10 JHFT 110</P><P>Thank you!</P> Wed, 07 Feb 2024 11:01:04 GMT https://community.checkpoint.com/t5/Cloud-Firewall/vSEC-Controller-enforce-Datacenter-Objects-on-more-gateways/m-p/205288#M4581 Daniel_Ionut_Ba 2024-02-07T11:01:04Z