I already tried that, although i have a cluster over the appliances. but still did not work. 
I think it might be something with Cert. but don't know how to really check it out .

Did you try another port?

Andy

yes that was the first suggestion in the first comment 

So is port 443 now or custom? Can you send following -> clish -c "show web ssl-port"

Andy

it was 443 and change it to 4434 and nothing change

K, so just to make sure I get the whole "picture" here...so nothing changed except fw was upgraded to R81.20? And then web UI worked for 2 days and all of a sudden it stopped?

Andy

Its just a bit odd it worked for 2 days after the upgrade...I believe even with initial policy, web UI will work if its on port 443.

Andy

Right, but unloading the policy makes sure it's not the issue.

Thats true, worth a try.

I already have a lice. why this should be an issue? The FWs and cluster working fine but I cannot access the ui. 

I tried to unloadlocal policy and install policy again. did not work! Although as  i mentioned the firewalls working fine

You have the accessibility set to 'According to policy' - what rule are your inbound connections matching on? Is there anything useful in the FW logs?

it is going through the management interface according to the FW logs. And it is all Green. The Rule is there and working fine. 
 also in the 
httpd2_error _log

Tue May 07 08:43:19.048654 2024] [mpm_prefork:notice] [pid 5804] AH00169: caught SIGTERM, shutting down
[Tue May 07 08:43:25.457517 2024] [mime_magic:error] [pid 2504] (2)No such file or directory: AH01515: mod_mime_magic: can't read magic file /web/conf/magic
[Tue May 07 08:43:25.481826 2024] [so:warn] [pid 2504] AH01574: module setenvif_module is already loaded, skipping
[Tue May 07 08:43:25.481847 2024] [so:warn] [pid 2504] AH01574: module headers_module is already loaded, skipping
[Tue May 07 08:43:25.484948 2024] [core:warn] [pid 2504] AH00117: Ignoring deprecated use of DefaultType in line 421 of /web/conf/httpd2.conf.
AH00558: httpd2: Could not reliably determine the server's fully qualified domain name, using 10.255.0.18. Set the 'ServerName' directive globally to suppress this message
[Tue May 07 08:43:25.485315 2024] [mime_magic:error] [pid 2504] (2)No such file or directory: AH01515: mod_mime_magic: can't read magic file /web/conf/magic
[Tue May 07 08:43:25.488953 2024] [mpm_prefork:notice] [pid 2504] AH00163: CPWS/2.4.55 (Unix) OpenSSL/1.1.1w configured -- resuming normal operations
[Tue May 07 08:43:25.488989 2024] [core:notice] [pid 2504] AH00094: Command line: '/web/cpshared/web/Apache/2.2.0/bin/httpd2 -f /web/conf/httpd2.conf -D FOREGROUND'
[Tue May 07 08:43:26.489827 2024] [:error] [pid 2507] [client 127.0.0.1:54482] libwrap/mod_hosts_access: connection refused from 127.0.0.1 to httpd@127.0.0.1

Maybe check through this SK and see if anything helps - https://support.checkpoint.com/results/sk/sk91380

thnx but this is the first link that comes up when you google anything related to Gaia problem, so I went through it and thats why i posted the logs in my last answer