This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Anthony_Kwang
Contributor
‎2018-04-12 04:07 AM

CMA failed to import

Hi Guys,


Anyone faced this issue before importing CMA from R77.30 to R80.10 

Some of the CMA can be imported however some particular CMA showing this error. 

30090 4085204752]@HOSTNAME[11 Apr 20:50:06] CSrvObj::Update - failed to write object to file
[30090 4085204752]@HOSTNAME[11 Apr 20:50:06] [CUpgCPMIInterface::SaveObject] ERROR: Failed to update the DB. Object 'host_1.1.1.1' (Table 'network_objects' / Class 'host_plain') will not be added to the DB.
[30090 4085204752]@HOSTNAME[11 Apr 20:50:06] [CUpgCPMIInterface::SaveObject] ERROR: CPMI Error: 0x8003001D (Could not access file for write operation). Update error: An internal error has occurred..
[30090 4085204752]@HOSTNAME[11 Apr 20:50:06] [CUpgCPMIInterface::SaveTable] Failed to add object 'host_1.1.1.1' to table 'network_objects'.
[30090 4085204752]@HOSTNAME[11 Apr 20:50:06] [CUpgCPMIInterface::SaveTable] Ended saving table 'network_objects'. Saved '519' objects.
[30090 4085204752]@HOSTNAME[11 Apr 20:50:06] [CUpgCPMIInterface::SaveTable] ERROR: Failed to add 1 objects to table 'network_objects' in the DB. The resulting DB will be corrupted.

And when i look the log a step back it showing this:

[30090 4085204752]@HOSTNAME[11 Apr 20:50:02] CCkpDbObjectsCWsRemoteImpl::Write: session = Pgi5cHF7azB39VI97RlGM4mRo4MyVQO3MlQQ0vJ6G08
[30090 4085204752]@HOSTNAME[11 Apr 20:50:06] CCkpDbObjectsCWsRemoteImpl::LogWriteFailure: Fault returned from remote server: SOAP 1.1 fault: SOAP-ENV:Server[no subcode]
"An internal error has occurred."
Detail:

[30090 4085204752]@HOSTNAME[11 Apr 20:50:06] CCkpDbObjectsCWsRemoteImpl::LogWriteFailure: ERROR: Failed to update 220 objects:

I wonder if this due to some issues in R77.30 or due to bug in R80.10 unable to insert or update the object.

thank you.

0 Kudos
1 Reply
Anthony_Kwang
Contributor
‎2018-04-15 08:43 PM

Hi Guys,

After several discussion with Diamond TAC and countless lab testing, managed to find out the reason which i still need to verify with TAC.

What i have done is to reset SIC on the cluster gateway as the SIC name does not match or tally with CMA hostname. While usually when established SIC the SIC name should be something like this:

So for example if i have CMA with hostname of abc-Mgmt the SIC should be:

CN=XXX-FW-01,O=abc-Mgmt..frqp9w

While for this particular cluster the SIC is:

CN=XXX-FW-01,O=abcdefg..4ifg82

Upon reset and performed export import is successful. Hence probably i will re-set SIC again to ensure the host name get reflected.

*Special thanks to Fiala from Diamond service team for his effort to support this case and not forgetting the rest of the team before reaching to diamond* -> without discussion to disable VPN and tweak of the IPS i may not be able to notice the SIC name somehow mismatch or not tally.

The upgrade log somehow mislead to what i have though to be programming code engine error and i was expecting a hotfix but somehow that is not the case. 

Br,

Anthony

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events