- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
Dear All,
I'm in a peculiar situation, lost Smart console connectivity after the firewall upgrade to R81. I do not have access to the Smart console, since all traffic towards the Management server passes through the affected firewall only. Moreover we do not have any other systems in that Management server subnet at the moment. Please find the attached diagram for connectivity details.
I am still having SSH access to the gateway and to the management server. This firewall was on R80.30, now it is upgraded to R81.
If I try to fetch the policy by running "fw fetch" command from the gateway, I get the error "module - sic name does not match"
fw fetch -f
Fetching FW1 Security Policy From: 10.128.48.4
Management rejected fetch for this module - sic name does not match.
Policy Fetch Failed
Failed to fetch policy from masters in masters file
I believe this is happening because the original firewall object in the smart database is still marked as R80.30 ( because I lost the console connection before changing the version)
Is there any option to change the Firewall object version to R81 through Management CLI?
You should be able to use the "set simple-gateway" command with the "version" parameter.
https://sc1.checkpoint.com/documents/latest/APIs/#cli/set-simple-gateway~v1.7%20
Hi Tomer,
Thank you so much for that information. I've another catch with running API commands as given below. I thought of taking help from Support, more over I'm not familiar with API .
Mgnt: mgmt_cli set simple-gateway
Username: admin
Password:
message: "Error 404. The Management API service is not available. Please check that the Management A PI server is up and running."
code: "generic_error"
Chervon-Mgnt: api status
API Settings:
---------------------
Accessibility: Require local
Automatic Start: Enabled
Processes:
Name State PID More Information
-------------------------------------------------
API Started 8611
CPM Started 8611 Check Point Security Management Server is running and ready
FWM Started 7613
APACHE Started 6985
Port Details:
-------------------
JETTY Internal Port: 50465
JETTY Documentation Internal Port: 50420
APACHE Gaia Port: 4434 (a non-default port)
When running mgmt_cli commands add '--port 4434'
When using web-services, add port 4434 to the URL
Profile:
-------------------
Machine profile: 15800-24800 with SME or Dedicated Log Server
CPM heap size: 1536m
--------------------------------------------
Overall API Status: Started
--------------------------------------------
API readiness test SUCCESSFUL. The server is up and ready to receive connections
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY