This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Malik1
Contributor
‎2020-09-01 05:57 AM

Unable to push threat prevention policy

Hi Experts.

 

After upgrading one of the cluster member to r80.30 from r77.30 im getting the error in attached file .So we have only upgraded the standby member  and the active member is still on r77.30, when we change the the cluster version in smart console from r77.30 to r80.30 we are presented with this error in the attached file and threat prevention policy fails for both gateways.

If we change the cluster version on back to r77.30 the threat prevention policy get partially installed on the gateway with r77.30 and failed on gateway with r80.30 with below error


Status: Failed
- Installation failed. Reason: Failed to connect to the module, or the connection was lost.
--------------------------------------------------------------------------------

Any idea what the issue can be ?

 

Regards,

Sijeel Malik 

 

Preview file
95 KB
Preview file
55 KB
ErrorTP.txt
0 Kudos
4 Replies
Timothy_Hall
MVP Gold
MVP Gold
‎2020-09-01 07:00 AM

Force an immediate update of IPS, then do an "Update Images" for Threat Emulation.

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course
0 Kudos
Malik1
Contributor
‎2020-09-01 02:20 PM
In response to Timothy_Hall

Hi Tim,

Updated the IPS but that doesn't help and  Threat Emulation is already updated (all green). I have a logged case with tac a they aren't sure about the issue. Changing the gateway versions in smart console from r80.30 to 77.30 (one member is on r77.30 and other on 80.30 ) allow me to push the  threat prevention policy on the gateway with r77.30. with  a warning in the threat updates "1 gateway is not updated " i.e is the upgraded one.

But if i change the version details in smart console to r80.30  the policy fails and an error below

 

Error: 'IPS' is not responding. Verify that 'IPS' is installed on the gateway. If 'IPS' should not be installed verify that it is not selected in the Products List of the gateway (SmartDashboard > Gateway > General Properties > Check Point Products List).

 

Regardsm

Sijeel

 

 

 

0 Kudos
Tal_Paz-Fridman
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2020-09-02 01:31 AM
In response to Malik1

Hi

In case you haven't used the latest R80.30 JHF please update and test again:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

HTH

Tal

 

0 Kudos
Malik1
Contributor
‎2020-09-02 03:58 AM
In response to Tal_Paz-Fridman

Hi Tal, 

 

We are already on take -215 , should we move to take 217 ?

Reagrds,

Sijeel

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events