cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Not applicable

I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution


I get CERTIFICATE NOT VALID YET ERROR ON SMART CONSOLE ?

any suggestion would be good.

I have to do a demo on this to partners next week

Tags (2)
0 Kudos
1 Solution

Accepted Solutions

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

I had a connectivity problem with Smart Console till I increased RAM to 4GB.

10 Replies

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

Check your time/date on the R80 Mgmt server vs. the workstation running SmartConsole.  My guess is that the clock on the R80 Mgmt server is incorrectly set in the distant future or past.  If using VMWare the time/date can be a constant problem since it steals processing cycles and can cause substantial clock drift in the guest VMs; setting up NTP is strongly recommended to keep this from happening.

--

My book "Max Power: Check Point Firewall Performance Optimization"

now available via http://maxpowerfirewalls.com.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

I think you are right. Probably wrong timezone and set to the future

0 Kudos
Not applicable

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

Error still seems to be there Smiley Sad

I have set the same time zone for both console machine and CLI on SMS.

After entering user name/password, I get some weird html code

name="others" content="WEBUI LOGIN PAGE"  /><TITLE>Gaia</TITLE>

<link rel="shortcut icon" href="https://community.checkpoint.com/login/fav.ico">

<link rel="stylesheet" type="text/css" href="https://community.checkpoint.com/login/ext-all.css" />

<link rel="stylesheet" type="text/css" href="https://community.checkpoint.com/login/login.css" />

<STYLE TYPE="text/css">

.ext-ie .webui-login-fld{font-size: 11px;}

</STYLE>

<script type="text/javascript"

0 Kudos

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

Reset SIC for the gateway object in the SmartDashboard and from the CLI on the gateway via cpconfig (make sure to completely exit the cpconfig menu or the SIC reset won't complete).  Re-establish SIC to reissue the gateway's certificate with a hopefully sane date.

--

My book "Max Power: Check Point Firewall Performance Optimization"

now available via http://maxpowerfirewalls.com.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos
Not applicable

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

Thanks Tim.

there was no option of reset SIC but I entered fwm SIC_reset command, it did something but came up with error " failed to connect to NGM server"

Then I restarted console and tried connecting, I got following steps...

0 Kudos

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

Tough to say, but it looks like the SMS certificate being presented to the SmartConsole GUI is no longer in a valid time range since you corrected the time and date.  While this can certainly be fixed somehow, it would probably be easier to just reload the SMS making sure to set the time and date properly during the Gaia web interface post-installation dialog, and configuring NTP to avoid future clock drift.

--

My book "Max Power: Check Point Firewall Performance Optimization"

now available via http://maxpowerfirewalls.com.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

I had a connectivity problem with Smart Console till I increased RAM to 4GB.

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

Right, minimum RAM for R80 SMS is 4GB.  See this thread:

Hardware requirement for R80

--

My book "Max Power: Check Point Firewall Performance Optimization"

now available via http://maxpowerfirewalls.com.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos
Not applicable

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

Well thanks Roman. I did a fresh install with 6GB RAM and it worked fine. I was able to do a demo on 16th March.

I can now connect using smart console.

Thanks for your help guys.

I might start a new threat on how should i add a gateway  as i am unable to establish SIC between G/w and R80 Mgmt.

Thanks once again for your help.

0 Kudos

Re: I have installed the ISO and dashboard console but i am unable to communicate R80 server using console

Jump to solution

I have a production R77.30 management so I simply did migrate export/import and R80 is able to establish SIC with R77.10 gateway without any problem.

0 Kudos