This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JimmySnow
Explorer
‎2023-08-15 07:38 PM

Questions about Network Feed

Dear all,

We have started using R81.20 Network Feed.

We have one SMS server and  one cluster, including two gateways; all of them are R81.20

SMS: R81.20 take 8

GW: R81.20 take 10

We have set up Network Feed, and we can successfully test feed connectivity.

However, the result shows our gateways failed to update the network feed.

We checked the feed settings and found the certificate-id is missing, and it seems the certificate-id cannot be saved in the feed object

Is anyone encounter this problem?

If any one need more/detail information, please let me know

Thanks

 

====modified the post and add screenshot=====

1 After created the network feed, I clicked “Test Feed”

jimmytang_0-1692323388857.png

2 Then I clicked “Accept certificate anyway”

jimmytang_1-1692323388859.png

3 Then I clicked “Trust and Recheck”

jimmytang_2-1692323388860.png

4 The test result showed OK

jimmytang_3-1692323388861.png

5 Everything was fine here, the self-signed certificate was correctly when I moved mouse to the blue icon.

jimmytang_4-1692323388863.png

6 However, I found that after I clicked “OK” in Step 5. The feed did not change after 5 minutes. So, I checked the network, and the blue icon of signed certificate DISAPPEARED.

jimmytang_5-1692323388864.png

7 I used command line to show the feed, there is no certificate-id in it

jimmytang_6-1692323388866.png

8 Hence, I used command line to add certificate-id, and the certificate-id is in the feed

However, my network feed still cannot get the latest feed on my server, after I check my SMS, the network feed object on my SMS shows the same as Step 6

jimmytang_7-1692323388868.png

0 Kudos
11 Replies
PhoneBoy
Admin
Admin
‎2023-08-16 09:00 AM

We checked the feed settings and found the certificate-id is missing, and it seems the certificate-id cannot be saved in the feed object”

What precisely is meant by this?
Please provide a screenshot (sensitive details can be redacted).

JimmySnow
Explorer
‎2023-08-17 06:54 PM
In response to PhoneBoy

Dear Sir, 

Thank you for the suggestion, I have modified my post and added screenshot in it

0 Kudos
the_rock
Legend
Legend
‎2023-08-16 09:03 AM

Im with Phoneboy here, not really sure what you mean by cert id is missing.

Andy

0 Kudos
JimmySnow
Explorer
‎2023-08-17 06:55 PM
In response to the_rock

Dear Sir, 

Thank you for replying my message, I have added screenshots

0 Kudos
the_rock
Legend
Legend
‎2023-08-17 07:07 PM
In response to JimmySnow

Based on what you sent, to me anyway, seems like its working fine. Does it show green if you test it from smart console at this point?

Andy

0 Kudos
JimmySnow
Explorer
‎2023-08-17 07:13 PM
In response to the_rock

Yes sir, The test results are fine, like the fourth screenshot in my post

However, when I open the settings of the feed, it go back to the first screenshot, even though I have used command line to setup the certificated-id

0 Kudos
the_rock
Legend
Legend
‎2023-08-17 07:39 PM
In response to JimmySnow

Works fine for me

Andy

 

[Expert@QUANTUM-MANAGEMENT:0]# mgmt_cli show network-feed name test-feed
Username: admin
Password:
uid: "3a4737ad-3427-4534-bbd7-20efe27b4293"
name: "test-feed"
type: "network-feed"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"
update-interval: 60
data-column: 1
feed-format: "Flat List"
feed-type: "IP Address"
custom-headers: []
feed-url: "https://list.***.******rk/checkpoint_threatlist.txt"
certificate-id: "1cdea6428f1587cc3f40516b48788f5512c3be0d"
ignore-lines-that-start-with: "#"
fields-delimiter: "\n"
use-gateway-proxy: true
comments: ""
color: "black"
icon: "NetworkObjects/NetworkFeed"
tags: []
meta-info:
lock: "unlocked"
validation-state: "ok"
last-modify-time:
posix: 1692326114650
iso-8601: "2023-08-17T22:35-0400"
last-modifier: "admin"
creation-time:
posix: 1692326114650
iso-8601: "2023-08-17T22:35-0400"
creator: "admin"
read-only: false
available-actions:
edit: "true"
delete: "true"
clone: "not_supported"

[Expert@QUANTUM-MANAGEMENT:0]#

0 Kudos
JimmySnow
Explorer
‎2023-08-17 08:06 PM
In response to the_rock

The problem is really tricky

In this environment, command line shows OK, but my SMS always shows the 6th screenshot when I open the settings of the network feed, and my gateways cannot get the feed correctly...

I have tried created different network feed objects, reboot my SMS server, set network feed object by command line, but the results are the same...

Also, I am planning to update to take 24 and test again...

Any ideas where I can check and modify to fix this problem?

0 Kudos
the_rock
Legend
Legend
‎2023-08-17 08:17 PM
In response to JimmySnow

Im on take 26, latest one. Maybe TAC case would be good idea.

0 Kudos
Jayves
Explorer
‎2024-02-26 06:41 AM
In response to JimmySnow

may i know if you still encounter this issue? i have same issue on my network feed also cannot update the feed when im trying to change the text file.

0 Kudos
JimmySnow
Explorer
‎2024-03-20 07:02 PM
In response to Jayves

Dear Sir,

We observed that although it showed our gateways failed to update the network feed, our gateways did update the network feed successfully. You can check your gateways after the update periods. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events