This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
the_rock
Legend
Legend
‎2023-05-30 03:16 PM
Jump to solution

Issue accessing ICA management portal

Hey guys,

I hope someone may be able to help me here...Im sure its something dumb Im missing, just cant figure out what exactly. I got this working in another R81.20 lab, but the new one I tested fails (not sure why). I followed all the steps from below:

ICA management tool setup 

Weird thing is, though shows its enabled , I cant seem to access it (same issue with customer on R81.10 version though)

Below are all the commands from my lab:

[Expert@CP-MGMT:0]# cpca_client set_mgmt_tool print
Management tool is ON.
Using SSL.
The authorized administrators:
(
: ("CN=ica_andy,OU=users,O=CP-MGMT..7ojumh")
)
The authorized users:
()
The authorized custom users:
()
[Expert@CP-MGMT:0]#

Now, Im positive the problem is that its not listening on port 18265, but why, that Im not positive. 

Below is what I get when I try -p flag:

[Expert@CP-MGMT:0]# cpca_client set_mgmt_tool on -p 18265 -a "CN=ica_andy,OU=users,O=CP-MGMT..7ojumh"
Error while trying to set the management tool.

And when running -d debug mode:

 

[Expert@CP-MGMT:0]#
[Expert@CP-MGMT:0]# cpca_client -d set_mgmt_tool on -p 18265 -a "CN=ica_andy,OU=users,O=CP-MGMT..7ojumh"
[24036 4135229824]@CP-MGMT[30 May 18:13:52] main: Initializing debug level 3
[24036 4135229824]@CP-MGMT[30 May 18:13:52] resolver_gethostbyname: Performing gethostbyname for localhost
[24036 4135229824]@CP-MGMT[30 May 18:13:52] fwca_client_command: trying to connect
[24036 4135229824]@CP-MGMT[30 May 18:13:52] fwasync_get_maxbuf: maxbuf=4194304
[24036 4135229824]@CP-MGMT[30 May 18:13:52] fwasync_conn_params_ex: fd: <4>, my addr: <127.0.0.1,38194>, peer addr: <127.0.0.1,18265>
[24036 4135229824]@CP-MGMT[30 May 18:13:52] fwca_infra_clnt_handler: conn id is 4
[24036 4135229824]@CP-MGMT[30 May 18:13:52] fwasync_connbuf_realloc: reallocating 0 from 0 to 1032
[24036 4135229824]@CP-MGMT[30 May 18:13:52] fwasync_connbuf_realloc: reallocating 0 from 0 to 1032
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwasync_mux_timeout: 4: timed out after 60000 miliseconds
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwasync_mux_timeout: 4: inbuf: 0/8 outbuf: 0/0 state: f77b8c30 3
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwasync_mux_timeout: 4: calling handler f77b82f0
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwca_client_timeout_handler: connection timed out. sock=4
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwasync_set_events: connection 4 already closed
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwca_client_end_handler: connection ended. sock=4
[24036 4135229824]@CP-MGMT[30 May 18:14:52] FwCaCommandData::CallCallback: rc=-1100 General problem in Certificate Authority, calling callback
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwca_client_command_cb: called callback
[24036 4135229824]@CP-MGMT[30 May 18:14:52] fwca_set_mgmt_tools_cb: called callback. rc=-1
Error while trying to set the management tool.
[24036 4135229824]@CP-MGMT[30 May 18:14:52] T_event_mainloop_e: T_event_mainloop_iter returns 0
[Expert@CP-MGMT:0]#

 

If anyone has any suggestions, I would appreciate it, as always! Yes, I did cpstop/start, rebooted...no dice.

Im sure its something stupid Im missing, just cant figure out what...

Cheers 🙂

Andy

 

 

 

 

0 Kudos
1 Solution

Accepted Solutions
the_rock
Legend
Legend
‎2023-05-30 05:02 PM
Jump to solution

In case anyone encounters this problem, this is the fix.

Cheers,

Andy

https://support.checkpoint.com/results/sk/sk115742

View solution in original post

1 Reply
the_rock
Legend
Legend
‎2023-05-30 05:02 PM
Jump to solution

In case anyone encounters this problem, this is the fix.

Cheers,

Andy

https://support.checkpoint.com/results/sk/sk115742

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events