This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
cluster8
Explorer
‎2026-02-11 02:07 PM

"show configuration" command not display all configuration and sticks on the first lines.

Hello team.

I have an issue with a Security Gateway, when I type the "show configuration" command not display all configuration and the CLI stuck on the first lines, it does not show anymore when you push enter key or space bar and I need press ctl+C to stop the stuck.
It happen with the "show configuration" in clish mode, in expert mode with "clish - c "show configuration"" .
In fact when I save the configuration with "save configuration reytest.txt" (clish mode) and then I check the file with "cat reytestconfig.txt" the configuration on the file is incomplete.
A few days ago the cluster and SMS were renewed with recently models and they are in R82 with the JHF take 60, the last recommended.
By https GAIA the configuration is complete and shows good.
This behaivor is only with the active SG.

I tried with different users and the behavior is the same.

Example 1:

SF-SW2_> show configuration
#
# Configuration of SF-SW2_Tabasco
# Language version: 15.0v1
#
# Exported by cluster_8 on Wed Feb 11 15:56:18 2026
#
set installer policy check-for-updates-period 3
set installer policy periodically-self-update on
set installer policy auto-compress-snapshot on
set installer policy self-test install-policy off
set installer policy self-test network-link-up off
set installer policy self-test start-processes on
set arp table cache-size 4096
set arp table validity-timeout 60
set arp announce 2
set message banner on

set message motd off

set message caption off
set core-dump enable
set core-dump total 30000
set core-dump per_process 2
set clienv debug 0
set clienv echo-cmd off
set clienv output pretty
set clienv prompt "%M"
set clienv rows 44
set clienv syntax-check off
set dhcp6 client client-mode normal
set dhcp6 prefix-delegation method manual
set dns mode default
set dns primary 8.8.8.8
set dns secondary 10.14.1.78
set dns tertiary 10.14.1.180


^C

Example 2:

[Expert@SF-SW2:0]# ls
reytestconfig.txt
[Expert@SF-SW2:0]# cat reytestconfig.txt
#
# Configuration of SF-SW2
# Language version: 15.0v1
#
# Exported by cluster_8 on Wed Feb 11 13:03:57 2026
#
set installer policy check-for-updates-period 3
set installer policy periodically-self-update on
set installer policy auto-compress-snapshot on
set installer policy self-test install-policy off
set installer policy self-test network-link-up off
set installer policy self-test start-processes on
set arp table cache-size 4096
set arp table validity-timeout 60
set arp announce 2
set message banner on

set message motd off

set message caption off
set core-dump enable
set core-dump total 30000
set core-dump per_process 2
set clienv debug 0
set clienv echo-cmd off
set clienv output pretty
set clienv prompt "%M"
set clienv rows 0
set clienv syntax-check off
set dhcp6 client client-mode normal
set dhcp6 prefix-delegation method manual
set dns mode default
set dns primary 8.8.8.8
set dns secondary 10.14.1.78
set dns tertiary 10.14.1.180
[Expert@SF-SW2:0]#
[Expert@SF-SW2:0]#

 

 

0 Kudos
6 Replies
PhoneBoy
Admin
Admin
‎2026-02-11 03:02 PM

This might require TAC assistance.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-02-11 03:07 PM

I would try cpstop; cpstart or reboot in short maintenance window, if you can.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
Vincent_Bacher
MVP Silver
MVP Silver
‎2026-02-11 11:34 PM

The problem sounds familiar; I saw it with a customer some time ago. I remember that it had something to do with confd.

We then did things like running “show configuration” in debug mode.

clish -d 4 -c "show configuration"

 

Where 4 is the highest debug level.

Then I remember the analysis of confd as described in processes and daemons.

First, as indicated below, search in /var/log/messages for routed and confd search pattern.
Then to restart confd using tellpm process:confd t

Unfortunately, that's all I can remember, and it was also an older version and may not even be suitable for this use case, but maybe it will help at least a little.

 

sk97638 - Check Point Processes and Daemons

confd

Description

Database and configuration.

Path

/bin/confd

Important Note

Maintenance window is required to restart this daemon:

  • When confd daemon is starting, by design, it restarts any currently running routed daemons (by sending a TERM signal). It is done to avoid possible issues in Gaia Clish (e.g., returning invalid results for routing-related commands like "show route").
  • Since routed daemon is responsible for all the routing in Gaia OS, short traffic outage will occur while routed daemon is being restarted.
  • Since routed daemon is a Critical Device in Check Point cluster (since R76), cluster fail-over might occur while routed daemon is being restarted (refer to sk92878).
  • In a VSX environment, restarting the routed process owned by VS0 restarts routed for all Virtual Systems. Contact Check Point support for assistance.

Log File

/var/log/messages

To Stop

tellpm process:confd

To Start

tellpm process:confd t

Debug

Examine /var/log/messages



and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
Lesley
MVP Gold
MVP Gold
‎2026-02-12 04:00 AM

After DNS config there will be the following line:

set domainname

Maybe you can login via webgui and try to edit / change it? Maybe non supported character is used? 

-------
Please press "Accept as Solution" if my post solved it 🙂
0 Kudos
Vincent_Bacher
MVP Silver
MVP Silver
‎2026-02-14 10:52 PM

Hi,
were you able to find cause and solution?

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-02-15 11:52 AM

Hey @cluster8 

Let us know once you get this sorted out.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events