This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Paul_Warnagiris
Advisor
‎2017-10-25 11:55 AM

WaitCondition timed out. Received 0 conditions when expecting 1

Didn't see much on this in the support portal.  This occurs 45-60 minutes after I kick off a cloudformation template for r80.10 management into a pre-existing VPC. Template #6 from sk111013 (top section -- first #6).  Any recommendations on next steps?

Physical ID:arn:aws:cloudformation:us-east-1:709709569732:stack/Check-Point-Management/cefceab0-b9aa-11e7-b989-50a686e4bbe3/ReadyHandle
Client Request Token:Console-CreateStack-262cdf0a-5109-4f76-ba24-39e5272c7a4a

0 Kudos
8 Replies
Paul_Warnagiris
Advisor
‎2017-10-25 12:06 PM

If you look in the template, there is a wait condition of 3600 seconds, waiting for the instance to come up. In the boot script of the instance, there is a curl command that is supposed to trigger the wait condition to be released.  There is no internet connected to any of these subnets yet as this is a highly secured environment.  We will be connecting to the management and the gateways via an on-prem VPN and during the cut window we will allow access which will be ultimately guarded by the Check Point.  Until that time however, no Internet access is available.  Is Internet access a mandatory requirement?   My guess is that since there is no Internet this wait thing requires public internet access.  Is my only option allowing Internet access to this box?

0 Kudos
PhoneBoy
Admin
Admin
‎2017-10-25 12:26 PM
In response to Paul_Warnagiris

The wait condition appears to be the act of allocating a Public IP address:

 "ReadyCondition": {
 "Type": "AWS::CloudFormation::WaitCondition",
 "Condition": "AllocatePublicAddress",
 "DependsOn": [
 "Instance"
 ],
 "Properties": {
 "Handle": {
 "Ref": "ReadyHandle"
 },
 "Timeout": "3600"
 }
 },

My guess is that you will need to modify the template so that it doesn't do this.

Also, choose a different wait condition Smiley Happy

0 Kudos
Paul_Warnagiris
Advisor
‎2017-10-27 10:43 AM

Just to let you know I removed the wait condition and the device provisioned as expected.  Not sure what was going on with that particular AWS cloud or the template, but simply removing the wait allowed it to provision properly...  Odd...

0 Kudos
LostBoY
Advisor
‎2019-12-04 01:32 AM
In response to Paul_Warnagiris

I have come across the same problem... how did you manage to remove the wait condition.. how to edit the template ?
0 Kudos
Nir_Shamir
Employee Employee
Employee
‎2021-01-25 05:46 AM
In response to LostBoY

the issue is usually with internet connectivity or DNS resolve.

check it on the Gateways after deployment.

0 Kudos
LostBoY
Advisor
‎2023-01-19 03:22 AM
In response to Nir_Shamir

Stack roll backs and deletes all the GWs or Management Server due to this WaitCondition

0 Kudos
LostBoY
Advisor
‎2023-01-19 03:23 AM
In response to Paul_Warnagiris

Can you please share how did you delete the wait condition ..did you remove the entire "Type" or just deleted "Condition" ?

0 Kudos
Edan_Leventhal
Employee
Employee
‎2023-07-05 12:18 AM
In response to LostBoY

Hi LostBoY,
Don't know if this is still relevant for you, but to answer your questions:
1. How to edit the template-
You can find the method to manually load a template in our GitHub page. you will need to edit the relevant .yaml file.
CloudGuardIaaS/aws/templates at master · CheckPointSW/CloudGuardIaaS · GitHub

2. The section you need to delete from the yaml file to bypass the wait condition:

 ManagementReadyCondition:
    Type: AWS::CloudFormation::WaitCondition
    Condition: EIP
    DependsOn: ManagementInstance
    Properties:
      Handle: !Ref ManagementReadyHandle
      Timeout: 1800
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events