This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Rabindra_Khadka
Contributor
‎2019-04-24 06:56 AM

Unable to connect to the checkpoint cloud check dns, gateway, proxy sever.

There is a issue on CP-MGMT sever, which is unable to get the checkpoint updates server while checking for available hotfix, the gateway, dns is ok, proxy is not compulsory i think, what can be the issue that the management server is facing, while the gateway is getting the checkpoint updates site and its working. 

 

 

0 Kudos
9 Replies
PointOfChecking
Collaborator
‎2021-05-12 08:23 AM
In response to PhoneBoy

Hi PhoneBoy,

 

Today, our MGMT and GW clusters stopped connecting to checkpoint updates services.

I followed the SKs you listed except the 103433 (as we don't have that error) and 112357 (as we don't use a proxy).

All Curl and telnet commands connect successfully.  All settings were as described in the SKs.

 

The FW logs don't show any dropped packets.

I've checked the Audit logs to see if any settings were changed that could have caused the problem, but nothing out of the ordinary since last 2 days.  The overnight IPS updates updates successfully last night.

 

Using R80.40. 

 

Thanks

 

HristoGrigorov
MVP Gold
MVP Gold
‎2021-05-12 09:12 AM
In response to PointOfChecking

Updates Service - Increased Error Rates and Latencies

New incident: Investigating

We are currently investigating this issue.

Time posted

May 12, 08:00 UTC

Components affected


Check Point Quantum Update Service

PointOfChecking
Collaborator
‎2021-05-13 12:42 AM
In response to HristoGrigorov

Thanks!

Checked this morning still seems a bit strange.

3 out of 4 devices can "check for updates" from the CPUSE DA

0 out of 4 devices can download any updates.

 

 

PointOfChecking
Collaborator
‎2021-05-14 01:42 AM
In response to PointOfChecking

Still no luck on my end.  Though I found this error in the logs:

Any idea why the update site has been shown to contain a virus?

 

Time: 2021-05-14T07:58:37Z

Interface Direction: inbound

Other: FDT_LIBCURL

Precise Error: unknown error

Source: MGMT IP

Source Port: 56840

Destination: 88.221.175.14

Destination Port: 80

IP Protocol: 6


Proxied Source IP: MGMT IP < But we don't use a proxy>

Content Type: tgz

Http Server: AkamaiNetStorage

Content Length: 452797041

Method: GET

Http Status: 200

Http Host: dl3.checkpoint.com

User Agent: FDT_LIBCURL

Suppressed Logs: 2

Sent Bytes: 0

Received Bytes: 0

Severity: Low

Last Update Time: 2021-05-14T08:15:05Z

Action: Prevent

Type: Log

Policy Name: Policy-Name
Policy Management: MGMT HostName
Blade: Anti-Virus

Origin: GW HostName
Service: TCP/80

Product Family: Threat

Interface: ethNumber
Description: 88.221.175.14 received a malicious file that was prevented

Reason: File exceeded size limit, File exceeded size limit

Resource: http://dl3.checkpoint.com/paid/b7/b7f5310bb5b1726113bce712fb859cc6/Check_Point_SmartConsole_R80_40_j..., http://dl3.checkpoint.com/paid/b7/b7f5310bb5b1726113bce712fb859cc6/Check_Point_SmartConsole_R80_40_j...
Bytes (sent\received): 0 B \ 0 B

0 Kudos
_Val_
Admin
Admin
‎2021-05-17 02:38 AM
In response to PointOfChecking

It looks like your AVI policy is misconfigured.

0 Kudos
PointOfChecking
Collaborator
‎2021-05-17 03:41 AM
In response to _Val_

Hi Val,

Antivirus?

Where would I go about that changing that?  In R77.30 that was a separate "blade" per se, but in R80.40 that's become part of threat prevention, and I can't find anywhere to specifically configure that?

 

Thanks

 

0 Kudos
_Val_
Admin
Admin
‎2021-05-17 03:43 AM
In response to PointOfChecking

On the second thought, please open a TAC request for this.

0 Kudos
PointOfChecking
Collaborator
‎2021-05-17 04:02 AM
In response to _Val_

LOL.

 

OK. Will do.

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events