This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Fednot
Explorer
‎2022-05-23 08:36 AM

CME can't scan for MIG gateway instances on GCP

Hello,

I'm a newcomer to CME with GCP and I run into an issue that my on-premises MGMT can't find the cloudguards in GCP.
gcp deployment is handled by terraform scripts and I think I miss a piece of the puzzle so both sides can work together.

in the cme log I get this error:

2022-05-23 16:58:59,083 CME_SERVICE INFO ********** Starting loop iteration number 523 for gateway instances *******
***
2022-05-23 16:59:00,783 CME_SERVICE INFO There are no gateways known by the management at the beginning of the iteration
2022-05-23 16:59:01,194 CME_SERVICE ERROR Error during synchronization with Security Gateways.
Error details: Failed to scan for gateway instances in the cloud account xxxxxxxxxxxxxxxxxxx..
2022-05-23 16:59:01,200 CME_SERVICE ERROR Error traceback: Traceback (most recent call last):
File "/opt/CPcme/service/cme_service.py", line 433, in sync
filtered_instances = controller.filter_instances()
cloud_connectors.gcp.HTTPException: Unexpected HTTP code: 404

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/opt/CPcme/service/cme_service.py", line 584, in loop
sync(c, management, gateways)
cme_exceptions.cme_exceptions.ControllerException: Error Code: Failed to scan for gateway instances

Failed to scan for gateway instances in the cloud account xxxxxxxxxxxxxxxxxxx.
2022-05-23 16:59:01,200 CME_SERVICE INFO
2022-05-23 16:59:01,485 CME_SERVICE INFO There are no gateways known by the management at the end of the iteration
2022-05-23 16:59:01,485 CME_SERVICE INFO ********** End of the iteration number 523 for gateway instances. Iteration time:
0:00:02.401860 **********

has anybody encountered this issue?

I followed these instructions to set it up:

https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Content/Topics-CME/CME_Structure_...

https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_and_Above_CG_Autoscaling_Man...

https://downloads.checkpoint.com/fileserver/SOURCE/direct/ID/95584/FILE/CP_CloudGuard_Network_for_GC...

https://community.checkpoint.com/t5/Cloud-Network-Security/CloudGuard-GCP-auto-provisioning-error/m-...

 

0 Kudos
1 Reply
natanelm
Employee
Employee
‎2022-06-12 09:34 AM

Hi,

According to the logs you shared, it looks like a permission issue,
Please make sure you followed the Creating-GCP-Service-Account, and your service account has the right permissions.  

If you are still facing the issue, please follow the below and open a ticket: 

  1. Collect CME Log Collector file as described in Cloud Management Extension R80.10 and Higher Administration Guide > Troubleshooting > CME Log Collector.

  2. Contact Check Point support, and request to open a ticket that includes CME Log Collector file collected in the previous step.

Thanks,
Natanel

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events