- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Azure Security Management Server - Status problem ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Azure Security Management Server - Status problem - Lost
The R81.20 image/template of the SMS deployed into Azure has a problem (still) with the any new SMS deployed from the Marketplace right now.
It reports a Status as Lost ( Status: Connection with 'cpmgmt' is lost ). Screenshots attached.
I hoped that the new R81.20 image upload on 30th September would fix that but it does not appear to have fixed it.
https://support.checkpoint.com/results/sk/sk132192
Solution Template / Image |
Version |
Release Date |
What's New |
R81.20- |
- |
30 Sep, 2024 |
|
The status does not appear to affect functionality. It did not last time and so far no problem this time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
that's because you are connected for the first time to the Management Server's Public IP and he put that IP in the Management Server Object. The management server can't monitor it's own public IP because it's not attached to it , it's on Azure which is doing the NAT.
To solve it edit the Management Server object and change its IP address to its private IP, which is configured on the instance , and publish the changes. The issue will be resolved.
This won't affect your connectivity to the Management Server through the Public IP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Nir, that has fixed it.
But this is a new issue and I have not seen it in the years before when deploying the SMS into Azure.
Is that documented?
I cannot see anything in Check Point Reference Architecture for Azure or Deploying a Security Management Server (checkpoint.com)
Regards,
Don
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't think it's something new, although I don't remember if it was before R81.20.
bottom line , the Management object is configured with the IP address you are connecting to it in the first time.
with On-Premise we don't usually connect to a NAT IP , because usually you are connecting to the management server from the same network.
in the Cloud it's usually different.