Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Raj_Khatri
Advisor

Firemon and R81.10

We are running Firemon which is tied into our MDS running R80.40.  After management was upgraded to R81.10, it has stopped working.  Firemon logs are showing error when communicating with a particular firewall.  The firewall listed should have no impact as it's retrieving data from the MDS/CMA.

Case already opened with both support teams and waiting to hear back.  Just wondering if anyone else has faced the same issues recently...  Thanks

[admin@server 10.x.x.x]$ fmos logview -Tf devpack.log
2022-06-24 12:41:41,950 1542853 [MainThread ] INFO fm.fwscripter: Logging in...
2022-06-24 12:41:41,950 1542853 [MainThread ] INFO fm.fwscripter: logging into domain: CMA
2022-06-24 12:41:41,950 1542853 [MainThread ] INFO fm.fwscripter: Executing login...
2022-06-24 12:41:41,950 1542853 [MainThread ] INFO fm.fwscripter: Attempt at login #1
2022-06-24 12:41:42,868 1542853 [MainThread ] INFO fm.fwscripter: Logged in.
2022-06-24 12:41:42,868 1542853 [MainThread ] INFO fm.fwscripter: Executing get publish data...
2022-06-24 12:41:42,868 1542853 [MainThread ] INFO fm.fwscripter: getting publish data
2022-06-24 12:41:42,868 1542853 [MainThread ] INFO fm.fwscripter: Executing show-last-published-session...
2022-06-24 12:41:42,962 1542853 [MainThread ] INFO fm.fwscripter: Executing get install data...
2022-06-24 12:41:42,963 1542853 [MainThread ] INFO fm.fwscripter: Executing show-gateways-and-servers...
2022-06-24 12:41:49,928 1542853 [MainThread ] INFO fm.fwscripter: Executing show-gateways-and-servers...
2022-06-24 12:41:51,686 1542853 [MainThread ] INFO fm.fwscripter: Domain is CMA
2022-06-24 12:41:51,687 1542853 [MainThread ] INFO fm.fwscripter: Executing run-script...
2022-06-24 12:41:53,253 1542853 [MainThread ] ERROR fm.fwscripter: error running command: run-script
2022-06-24 12:41:53,253 1542853 [MainThread ] ERROR fm.fwscripter: http status=404 content=b'{\n "code" : "generic_err_object_not_found",\n "message" : "Requested object [firewall] not found"\n}'
2022-06-24 12:41:53,253 1542853 [MainThread ] ERROR fm.fwscripter: An error occurred during retrieval: Please check logs for additional detail.
2022-06-24 12:41:53,253 1542853 [MainThread ] ERROR fm.fwscripter: http status=404 content=b'{\n "code" : "generic_err_object_not_found",\n "message" : "Requested object [firewall] not found"\n}'
2022-06-24 12:41:53,253 1542853 [MainThread ] ERROR fm.fwscripter: Traceback (most recent call last):
File "<string>", line 842, in retrieve_config
File "<string>", line 775, in gather_routes
File "<string>", line 61, in api_call
Exception: http status=404 content=b'{\n "code" : "generic_err_object_not_found",\n "message" : "Requested object [firewall] not found"\n}'

0 Kudos
14 Replies
PhoneBoy
Admin
Admin

Given the tool generating these errors is from Firemon, not sure Check Point TAC can assist with this.

0 Kudos
the_rock
Champion
Champion

I dealt with Firemon in my old job, but not for too long though. I will see if I can find some steps for you that could help. @PhoneBoy is right though...if those logs come from Firemon side, you may wish to check with them. I do find it a bit odd that issue happened after CP upgrade, so maybe worth checking CP logs as well.

0 Kudos
Raj_Khatri
Advisor

I was able to see the same errors in the api.elg logs.  Waiting on TAC to come back.

Thanks

the_rock
Champion
Champion

I actually emailed a contact from Firemon (had their email from 5 years ago) and guy said he was not aware of any issues with R81.10 that they could find in their database, so keep us posted on what TAC says.

0 Kudos
_Val_
Admin
Admin

I do not think TAC should be the first point of contact here. Third-party product fails after CP upgrade, this should be taken with Firemon first. 

0 Kudos
the_rock
Champion
Champion

Well, considering this worked before the upgrade, logically it would indicate problem on CP side, but lets see...just my 2 cents.Looking forward to resolution from @Raj_Khatri .

0 Kudos
_Val_
Admin
Admin

@the_rock sorry, but I strongly disagree. I have seen tons of cases where upgrading CP led to failure on the third party due to implementation mishaps, API changes, and other things that were not addressed by the third party vendor. 

"If it worked before, it should work again" only applies to a single vendor implementation. If Firemon fails after CP upgrade, Firemon support should be the first point of contact. If they then said, take it with TAC, it is another matter.

0 Kudos
the_rock
Champion
Champion

@_Val_ ...every case is different. Im just going based on logic here, since person at Firemon I contacted said they were not aware of any compatibility issues with R81.10 version.

 

Anyway, lets see how it gets solved.

0 Kudos
_Val_
Admin
Admin

The person you contacted is not familiar with the actual issue, and his general information may be incomplete. 

0 Kudos
the_rock
Champion
Champion

Considering he is a senior tech and I showed him this link, I tend to disagree with that statement : - )

0 Kudos
_Val_
Admin
Admin

I do not see a point to continue this discussion. Unless we have an official conclusion this is not a Firemon issue, I will stick to my opinion. Hearsay does not cut it.

That said, everyone has a right to a different point of view 🙂

0 Kudos
the_rock
Champion
Champion

I agree brother, I already moved on, no point spending time on trivial stuff : - )

Cheers.

0 Kudos
Raj_Khatri
Advisor

Initially a support case was opened with Firemon and they found a case with another customer that faced the same issue and was resolved by Checkpoint TAC, but never received the root cause to log in their system.  Hence why I opened a case with CP.

It has yet to be resolved and both support teams are looking into the issue.  Will definitely keep you posted on the resolution.


Cheers 

the_rock
Champion
Champion

Just curious, have you done any captures on the firewall to see what happens with the traffic?

0 Kudos