- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- R81.20 Gateways with CME not supported?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
R81.20 Gateways with CME not supported?
Hi all,
we tried to deploy some new R81.20 gateways in a GWLB setup and failed with the CME setup. We've got the following setup:
Version of the MDS Server:
CheckPoint R81.10 JHF 66
autoprov_cfg -v
CME Version: Build: 991592204 Take: 222
parts of: autoprov_cfg show all
controllers:
"aws_island":
access-key: xxxxxxxxxxxxxxxxxxxxxxx
class: AWS
regions:
- eu-central-1
- eu-south-1
secret-key: "__protected__autoprovision/controllers/xxxxxxxxxxxxxxxxxx/secret-key"
sync:
gateway: true
templates:
- "aws_island_R8040"
- "aws_island_R8120"
templates:
"aws_island_R8120":
application-control: true
health-check-ip-range: "10.123.0.0,10.123.255.255"
identity-awareness: true
ips: true
one-time-password: "__protected__autoprovision/xxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx/one-time-password"
policy: "AWS_Integration"
send-alerts-to-server: fwlogxxxxxxxxxxxx
send-logs-to-server: fwlogxxxxxxxxxxxxxx
url-filtering: true
version: "R81.20"
----------------------------
cme.log shows:
2023-01-24 15:30:56,437 CME_SERVICE INFO aws_island--i-000bbdec1f6babbd2--eu-central-1 state is changed to: ADDING
2023-01-24 15:30:56,469 CME_SERVICE ERROR Failed to provision the Security Gateway instance aws_island--i-000bbdec1f6babbd2--eu-central-1.
Error details: Management API failure (add-simple-gateway)..
2023-01-24 15:30:56,480 CME_SERVICE ERROR Error traceback: Traceback (most recent call last):
File "/opt/CPcme/service/cme_service.py", line 536, in sync
instance, gw, auto_hf)
File "/opt/CPcme/cp_handlers/mgmt_autoprovision_handler.py", line 1755, in set_gateway
args = self.establish_gateway(instance, gw)
File "/opt/CPcme/cp_handlers/mgmt_autoprovision_handler.py", line 198, in establish_gateway
simple_gateway=simple_gateway)
File "/opt/CPcme/cp_handlers/mgmt_autoprovision_handler.py", line 244, in configure_gateway_metadata
remove_if_ip_exists_in_cpm=True)
File "/opt/CPcme/cp_handlers/mgmt_autoprovision_handler.py", line 286, in add_gateway_to_cpm
self.management(CPMCommand.ADD_SIMPLE_GATEWAY, gw)
File "/opt/CPcme/cp_handlers/mgmt_handler.py", line 177, in __call__
silent=silent)
File "/opt/CPcme/cp_handlers/mgmt_api_handler.py", line 126, in __call__
CMEExceptionCodes.MGMT_API, command=command)
cme_exceptions.cme_exceptions.ManagementApiException: Error Code: Management API error
API call failed with command: add-simple-gateway
Payload: {'name': 'aws_island--i-000bbdec1f6babbd2--eu-central-1', 'ip-address': '10.123.242.12', 'interfaces': [{'name': 'eth0', 'ipv4-address': '10.123.242.12', 'ipv4-mask-length': 28, 'anti-spoofing': False, 'topology': 'internal'}],
*****, 'version': 'R81.20', 'comments': '{tags=managed-virtual-gateway}'}
Error details: {'code': 'generic_err_invalid_parameter', 'message': 'Invalid parameter for [version]. The invalid value [R81.20] should be replaced by one of the following values: [R75.40 and above]'}
While R81.10 seems to work as version string, R81.20 does not ;-). Any ideas?
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
User | Count |
---|---|
2 | |
2 | |
1 | |
1 | |
1 |
Thu 09 May 2024 @ 05:00 PM (CEST)
Under the Hood: Automate Azure Virtual WAN security deployments with Terraform