I was able to see the same errors in the api.elg logs.  Waiting on TAC to come back.

Thanks

I actually emailed a contact from Firemon (had their email from 5 years ago) and guy said he was not aware of any issues with R81.10 that they could find in their database, so keep us posted on what TAC says.

I do not think TAC should be the first point of contact here. Third-party product fails after CP upgrade, this should be taken with Firemon first. 

Well, considering this worked before the upgrade, logically it would indicate problem on CP side, but lets see...just my 2 cents.Looking forward to resolution from @Raj_Khatri .

@the_rock sorry, but I strongly disagree. I have seen tons of cases where upgrading CP led to failure on the third party due to implementation mishaps, API changes, and other things that were not addressed by the third party vendor. 

"If it worked before, it should work again" only applies to a single vendor implementation. If Firemon fails after CP upgrade, Firemon support should be the first point of contact. If they then said, take it with TAC, it is another matter.

@_Val_ ...every case is different. Im just going based on logic here, since person at Firemon I contacted said they were not aware of any compatibility issues with R81.10 version.

Anyway, lets see how it gets solved.

The person you contacted is not familiar with the actual issue, and his general information may be incomplete. 

Considering he is a senior tech and I showed him this link, I tend to disagree with that statement : - )

I do not see a point to continue this discussion. Unless we have an official conclusion this is not a Firemon issue, I will stick to my opinion. Hearsay does not cut it.

That said, everyone has a right to a different point of view 🙂

I agree brother, I already moved on, no point spending time on trivial stuff : - )

Cheers.

Initially a support case was opened with Firemon and they found a case with another customer that faced the same issue and was resolved by Checkpoint TAC, but never received the root cause to log in their system.  Hence why I opened a case with CP.

It has yet to be resolved and both support teams are looking into the issue.  Will definitely keep you posted on the resolution.

Cheers 

Just curious, have you done any captures on the firewall to see what happens with the traffic?

Hi Raj,

Can you share TAC ticket information?

SR#6-0003308885

No progress yet, TAC is trying to replicate in their lab.

CheckPoint is going to say it is not a CP issue and Firemon is going to say it is not a Firemon issue.   We have been working through many issues with Firemon and CheckPoint ever sine we left R77.30 to go to R80.20 then to R80.40 and now to R81.10.   It has been issues on both sides.  We had a lot of issues with CP's API and how it was not returning everything to Firemon.  And the MDS could not keep up with it.  We had to adjust heap sixes on the MDS and we then had to work with Firemon because they were trying to grab everything at once.  Not very efficient.  Once Firemon fixed the way they were pulling data from the API things started working better.  However we still had nothing but issues.   Now on R81.10, the CP's API is better and the MDS is much faster.  We just upgraded Firemon to 9.7.3 and we still don't have usage data working.    Good luck.   

I think you said it EXACTLY how it is!

Thanks for sharing, I was hit the exactly same situation (R77.30 > R80.10 > R80.40 > R81.10), recently I fixed the issue by adding new gateway to CheckPoint.

The API read back to normal and without below error message after added a new gateway to CheckPoint management, FYI.
"generic_err_object_not_found",\n "message" : "Requested object [firewall] not found"\n}'

And I found that CheckPoint was updated silently in JHF_T75 (which is Ongoing Take) about this...... refer to below IDs

PRJ-38800,
PRHF-23379

Things are working with FMOS 9.5.6 but not 9.6.x or 9.7.x.

From Firemon - 

Starting in 9.6, we switched to retrieving routes via API for Check Point devices. The reason for switching is Check Point has been working to deprecate CPMI, so FireMon have to move towards using just the API for retrieval. This was part of a larger effort to convert the Check Point retrieval process to API only which eliminates the need for CPMI connectivity.  The retrieval error is happening because the API call is not responding in a way we would expect and it have to be solved from CP.

 I still get the same error message during retrievals.  Are you saying just by adding a new gateway to the CMA fixes the issue?

In my case, yes, and the error message is exactly same with yours.

FireMon is retrieving gateways by A-Z, in my case, I newly added a Checkpoint gateway as first one in A-Z list, for example: if your error appear from [firewall], just try to add new firewall named [Afirewall], not sure it will resolve your side too but my side's issue is gone... that retrieval & normalization back to normal