This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
ShadowNif
Collaborator
yesterday

Restore Virtual systems in the vsx

Hello, 

I have a small problem, hope you can help me. In my test lab i had to reset the appliance in the Security group. 
After reset i was able to build the SIC for the VSX, although now in smart console i can see that vsx is green. 
But the Virtual Firewalls all red and i cannot see then in the CLI :

installing policy on the FWs shows error 
"

Gateway: FWTVS302
Policy: SG_FWTVS302
Status: Failed
- Installation failed. Reason: Authentication error [ SIC error no. 147 ] check that peer SIC is configured properly and that system date and time on the Security Management Server and peer are synchronized (IP = 10.255.0.118)(port = 18191)."
 
 

image.pngimage.png

 
0 Kudos
5 Replies
Dario_Perez
Employee Employee
Employee
yesterday

Check across all SGM if SGM exists, if exist in one member you can reset the member where it doesn't exist with auto-clone enable if doesn't exist on any member, then the VSX is corrupted and you have to rebuild Security Group with 1 SGM and reconfigure it

0 Kudos
ShadowNif
Collaborator
yesterday
In response to Dario_Perez

that would be the worst case scenario!!

0 Kudos
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
yesterday

Did you reset all the SGMs?

How did you do the SIC reset?

0 Kudos
ShadowNif
Collaborator
yesterday
In response to emmap

1. took it out of the SG on Maestro Gaia, and put it back!!
2. cpconfig --> 5 SIC

0 Kudos
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
yesterday
In response to ShadowNif

OK, it seems like there's a 1 VS on there now, but not the other one, like you're in a weird, half-configured state. Resetting SIC in the cpconfig menu isn't the best way to go with VSX too. So, I would suggest that you need to basically start again. Remove all SGMs from the SG, add the first one back in, do the base OS config (including bonds and JHF) then run vsx_util reconfigure on the management server to put out the VSX config. Once it's all happy with 1 SGM you can add the others back in.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
 
Upcoming Maestro Events

    CheckMates Events