https://community.checkpoint.com/t5/Firewall-and-Security-Management/rad-errors-quot-Failed-to-parse-CP-Site-Response-quot-response/m-p/177395#M32500 <P>Hi,</P><P>I have two clusters of CP 16200 running R80.40 T192 with thousands of internet users.</P><P>I started url filtering blade to block some application using https categorization (no https inspection).</P><P>It's working as expected, but i have now hundreds of "Failed to parse CP Site Response" logs in smartconsole.</P><P>$FWDIR/log/rad_events/Errors is full of error files (hundreds per minute).</P><P>In attach an example of flow error (proxy IP changed)</P><P>We are not using anti-virus or anti-bot.</P><P>I opened a case (SR #6-0003583350)&nbsp; but for now, it doesn't help.</P><P>I have a strange "response expired" message in the error files :&nbsp;</P><P>---------------------</P><P>[rad_xml_urlf.cpp:350] CRadXmlUrlf::listen: [INFO] Found response UTC: 1680631251<BR />[rad_xml_urlf.cpp:359] CRadXmlUrlf::listen: [ERROR] response expired: seconds difference: 68797 now: Wed Apr 5 15:07:28 2023<BR />response time: Tue Apr 4 20:00:51 2023</P><P>---------------------</P><P>In this example, response time is 68797s (=19 hours) before current time. This value varies from 40000 up to 400000s = more than 4 days.</P><P>I'm looking for the possible cause of such errors.</P><P>thanks,</P><P>fred</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 05 Apr 2023 13:26:48 GMT fcamus 2023-04-05T13:26:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/rad-errors-quot-Failed-to-parse-CP-Site-Response-quot-response/m-p/177395#M32500 <P>Hi,</P><P>I have two clusters of CP 16200 running R80.40 T192 with thousands of internet users.</P><P>I started url filtering blade to block some application using https categorization (no https inspection).</P><P>It's working as expected, but i have now hundreds of "Failed to parse CP Site Response" logs in smartconsole.</P><P>$FWDIR/log/rad_events/Errors is full of error files (hundreds per minute).</P><P>In attach an example of flow error (proxy IP changed)</P><P>We are not using anti-virus or anti-bot.</P><P>I opened a case (SR #6-0003583350)&nbsp; but for now, it doesn't help.</P><P>I have a strange "response expired" message in the error files :&nbsp;</P><P>---------------------</P><P>[rad_xml_urlf.cpp:350] CRadXmlUrlf::listen: [INFO] Found response UTC: 1680631251<BR />[rad_xml_urlf.cpp:359] CRadXmlUrlf::listen: [ERROR] response expired: seconds difference: 68797 now: Wed Apr 5 15:07:28 2023<BR />response time: Tue Apr 4 20:00:51 2023</P><P>---------------------</P><P>In this example, response time is 68797s (=19 hours) before current time. This value varies from 40000 up to 400000s = more than 4 days.</P><P>I'm looking for the possible cause of such errors.</P><P>thanks,</P><P>fred</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 05 Apr 2023 13:26:48 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/rad-errors-quot-Failed-to-parse-CP-Site-Response-quot-response/m-p/177395#M32500 fcamus 2023-04-05T13:26:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/rad-errors-quot-Failed-to-parse-CP-Site-Response-quot-response/m-p/183648#M33709 <P>Hi</P><P>I reply to my post.</P><P>After a (painfull) case where TAC asked me to do some tuning, modify my custom application objects, the case reached R&amp;D where it was rapidly identified that rad process refused the cached proxy reply.</P><P>The problem was resolved as soon as the proxy administrator disabled cache for cws.checkpoint.com</P><P>If rad doesn't accept cached response, it would be better to use the cache-control functionalities of http protocol !</P><P>So if you use proxy, verify that caching is disabled. Hope this will help some members.</P><P>&nbsp;</P><P>fred</P><P>&nbsp;</P> Thu, 08 Jun 2023 15:31:30 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/rad-errors-quot-Failed-to-parse-CP-Site-Response-quot-response/m-p/183648#M33709 fcamus 2023-06-08T15:31:30Z