cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Unable to access Gaia R77.30 and R80 through Web UI

Hi, I'am having some issues while doing the initial configuration for Gaia R77.30 and Gaia R80.10

after installing , I can ping the management IP from a Virtual Machine  but unable to open the same in a brower

https://<management IP>

But everything works fine if it is a SPLAT R75 and SPLAT R76

Can any one please advise if I need to do any additional configuration apart from mgmt address so that I can

access it through Web UI

any help much appreciated 

Thanks

Tags (2)
23 Replies
Admin
Admin

Re: Unable to access Gaia R77.30 and R80 through Web UI

What OS are you attempting to access the WebUI from?

What specific errors are you getting?

Can you verify the traffic is reaching the system with a tcpdump?

At some point (probably R77.30), we switched to SHA2 certificates for the WebUI portal.

Older systems (notably Windows XP pre-SP3) won't be able to connect to these systems.

Re: Unable to access Gaia R77.30 and R80 through Web UI

Hi ,Thanks for a quick response,

I'am using windows XP professional version 2002 service pack2 as my virtual machine client ..

I have also run TCPDUMP on newly installed GAIAR77.30 I can see the packets arriving and leaving from the management interface ..

Any comments much appreciated

0 Kudos
Admin
Admin

Re: Unable to access Gaia R77.30 and R80 through Web UI

Like I said, the versions of XP prior to SP3 don’t support SHA2 certificates.

As such, what you are seeing is expected behavior.

If you must use XP, upgrade to Service Pack 3, but I recommend using a supported OS instead.

Re: Unable to access Gaia R77.30 and R80 through Web UI

HI,

Yeah. That is correct what Dameon has suggested. Adding to that if you are facing error SSL version or Cipher mismatch then you can refer sk93395.

Re: Unable to access Gaia R77.30 and R80 through Web UI

Hi ,

I have upgraded the machine to Windows 7 Home basic 32 bit , I can access it via Web GUI, I can ping from my machine to the newly installed firewall
vice versa, I can see the TCPdump (three way hand shake )
but I'am unable to proceed in WEB GUI  (https://<management IP > after Management Connection Wizard , 
Any help will be appreciated
0 Kudos
Admin
Admin

Re: Unable to access Gaia R77.30 and R80 through Web UI

Windows 7 doesn't support SHA2 certificates either unless you apply SP1: Microsoft Security Advisory 3033929 | Microsoft Docs 

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

Hi Dameon, Thanks for your quick response, 

What Windows OS and what version of browser I should be using  to get this working 

Can you pl kindly advise ..

0 Kudos
Highlighted
Admin
Admin

Re: Unable to access Gaia R77.30 and R80 through Web UI

Windows 7 and above with the latest versions of Chrome, IE, or Firefox should work.

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

As mention above I'am already using windows 7 32 bit Service Pack 1 , with latest chrome , Internet explorer as browser 

0 Kudos
Admin
Admin

Re: Unable to access Gaia R77.30 and R80 through Web UI

I'm guessing the problem is with your specific variant of Windows.

To confirm this, simply try connecting with http.

You should get a redirected to an https URL, which will likely show you an error.

An actual screenshot of this would be helpful.

Another thing to try is a modern Linux distribution (e.g. Ubuntu or similar) with Firefox or Chrome, which should work for the purposes of running the First Time Wizard and configuring the Gaia WebUI.

If none of these work, then you can run the First Time Wizard through the CLI using the following procedure: How to run the First Time Configuration Wizard through CLI in Gaia R76 and above 

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

I'am unable to proceed after this window , I have tried using all different browsers .. 

Unable to proceed after this window

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

For a workaround, You can complete First time vizard through CLI. Please refer below URL.

https://community.checkpoint.com/docs/DOC-2410-first-time-vizard-through-cli

For GUI solution, please engage TAC as suggested by Dameon.

Re: Unable to access Gaia R77.30 and R80 through Web UI

Increase the RAM size.

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

dsd asddc did you manage to fix this error?

0 Kudos
Admin
Admin

Re: Unable to access Gaia R77.30 and R80 through Web UI

The fact you’re getting this far (versus just an error page from the browser) suggests it’s not related to SHA2 at all.

I recommend engaging with our TAC for further troubleshooting or use the workaround I provided.

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

Hello All,

I have simulated same in the lab and found that is problem with RAM.

You must have to use 8GB RAM for your virtual Machine (Tried with 4GB, it didnt work, Didnt try with any 6GB).

Regards,

Sachin Guda

0 Kudos
Jeff
Nickel

Re: Unable to access Gaia R77.30 and R80 through Web UI

I have the same problem. The memory expansion didn't help. I decide to expan the system root partition during installation process. It helped me.

0 Kudos
Petr_Hantak
Silver

Re: Unable to access Gaia R77.30 and R80 through Web UI

Yevgeniy, how much space did you provide there?

0 Kudos
Jeff
Nickel

Re: Unable to access Gaia R77.30 and R80 through Web UI

First, I used 35G of HDD for system and 6G for root partition. I have my reasons for this.

Then I have increased the root partition to 12G.

Petr_Hantak
Silver

Re: Unable to access Gaia R77.30 and R80 through Web UI

Thank you for info. I fully understand that you want to reduce size of installation. I'm using shared LAB ESXi for testing purposes and space is limited time to time. So it is good to find some suitable minimum for deployment. 

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

Hi, I have a similar issue. I have installed checkpoint on Vmware workstation but I cannot access it from my web page. I am using ubuntu 17.10 computer. Kindly help me on this

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

I'm running into this as well. I'm using the "CloudGuard IaaS (R77.30) Next Gen Firewall & Threat Prevention (BYOL)" from the AWS marketplace. I've bumped it up a few times in specs trying to fix and now have it running on a c4.4xlarge (16 vCPUs, 30GB mem, 60GB disk). I can get to it with SSH and set the admin password, and then Gaia fires up and let's me log in. But then after log in the page never paints. It's just a white page. It doesn't even seem to be downloading or working on anything. It's just blank. I'm using Firefox 62.0 (64bit) on Mac 10.13.6. Any help appreciated.

UPDATE: Used the advice above to run the initial config on the command line, but even after that, Gaia still comes up with goose eggs. Since I was setting this up specifically to test things in the UI, it is pending and currently shut down. Any advice welcomed.

UPDATE2: It occurred to me that the problem could be with the exact AMI I'm using, so I'll note it's "Check Point CloudGuard IaaS BYOL R77.30-041.168-fb3a4d3c-c993-40ab-ba19-b180ea9b866f-ami-55202c2f.4 (ami-da6652bf)" in case that is information that matters. I'm running in us-east-2 (Ohio). 

0 Kudos

Re: Unable to access Gaia R77.30 and R80 through Web UI

I decided to try out the R80.10 version on AWS, and it worked. But oddly enough, it pointed me to this article about this issue and thought some may find it helpful:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...