Reminded me of this thread.

https://community.checkpoint.com/t5/Management/migrate-server-import-stuck-on-4/m-p/146171

You got caught again 😉

But the thread was initially about the import sticking at 4% on machines that I did an R81.20 upgrade using CPUSE and the Clean Install option.

Doing a Fresh install from the ISO was the fix for me. Meaning that the R81.20 fresh install accepted the import but the CPUSE R81.20 clean install on top of R81.10 got stuck at 4%.

Also team, just in case someone is unsure if commands dont work, you can use any of below flags as well to try another approach. Hope that helps.

*************************

[Expert@CP-MANAGEMENT:0]# cd $FWDIR/scripts
[Expert@CP-MANAGEMENT:0]# ./migrate_server -h

Use the migrate utility to: 1. Verify, export and import the Check Point
Security Management Server database.
2. Migrate_import_domain

1. Verify, export and import

Usage: migrate_server <ACTION> <PARAMETERS> [OPTIONS] <FILE>

ACTION (required parameter):

export - Exports the database of the Management Server or Multi-Domain Server.
import - Imports the database of the Management Server or Multi-Domain Server.
verify - Verifies the database of the Management Server or Multi-Domain Server.
print_installed_tools - returns the upgrade tools installed for a given version.

Parameters (required parameter):

'-v <target version>' Import version.

Options (optional parameters):

'-h' Show this message.
'-skip_upgrade_tools_check' Does not check for updated upgrade tools.
'-force-upgrade-flow' When the source and target servers are on the same major version,
migrate_server uses an accelerated flow to migrate the data.
This flag forces the full migration flow.
Note: if this flag is used, it is mandatory to use it both on export and import.
'-npb, --no_progress_bar' Disable the progress bar.
'-ivw, --ignore_warnings' Perform Export/Import although the pre-verification process raised warnings.
Note: option is valid for import, export and migrate_import_domain modes only.
'-l <N>' Export N last days of logs without log indexes.
'-l' Export/import all logs without log indexes.
'-x <N>' Export N last days of logs with log indexes.
'-x' Export/import all logs with log indexes.
'-n' Run non-interactively.
'--exclude-uepm-postgres-db' skip the backup/restore of PostgreSQL.
'--include-uepm-msi-files' Export/import the uepm msi files.
'--exclude-licenses' skip the restore of licenses.
'-mask' Hide sensitive information in exported DB.
Note: Applicable only when exporting.
'--verify_all_servers' Runs the verification process on all Management Servers and Log Servers.
Notes:
1) This flag is valid only for the 'verify' and 'export' operations.
2) This flag is supported on the versions R81 and higher.
3) List of servers, on which you can run the 'migrate_server verify' / 'migrate_server export'
command with the flag '--verify_all_servers':
- All Security Management Servers
- Multi-Domain Security Management Servers
- Multi-Domain Log Servers
4) List of remote servers, to which the 'migrate_server verify' / 'migrate_server export' command can connect:
- Security Management Servers
- Multi-Domain Security Management Servers
- Multi-Domain Log Servers
- Dedicated Log Servers
- Dedicated SmartEvent Servers
- Security Management Servers configured as a Backup of a Domain Management Server
Note:
Servers that are configured on a specific Domain on a Multi-Domain Security Management Server will be verified
only if there is a Domain Server of that Domain on the current Multi-Domain Security Management Server.
5) The default behavior:
- Only on Primary Management Servers, the 'migrate_server verify' command runs with the '--verify_all_servers' flag.
- On all servers except Primary Management Servers, the 'migrate_server verify' command runs with the '--verify_local_only' flag.
- On all servers without exception, the 'migrate_server export' command runs with the '--verify_local_only' flag.
'--verify_local_only' Runs the verification process locally, only on the current server.
Notes:
1) This flag is valid only for the 'verify' and 'export' operations.
2) The default behavior:
- On all servers except Primary Management Servers, the 'migrate_server verify' command runs with the '--verify_local_only' flag.
- On all servers without exception, the 'migrate_server export' command runs with the '--verify_local_only' flag.
'-skip_tools_check_on_remote' Specifies not to check for updated Upgrade Tools when running the verification process on remote Management Servers (not the current Management Server).
Notes:
1) This flag is valid only for the 'verify' and 'export' operations.
2) This flag is valid only when running the verification process on all Management Servers (not only on current server).

<FILE> (required parameter only for import):

Path to the archived file to export/import the database to/from.
Path to archive should exist.

2. Migrate_import_domain

Usage: migrate_server <ACTION> [OPTIONS] -o <FILE>

ACTION (required parameter):

migrate_import_domain - Imports the database of the Domain Management Server
from a Multi-Domain Server.

Parameters (required parameter):

'-o <FILE>' Path to the archived file to import the database from.

Options (optional parameters):

'-h' Show this message.
'-skip_upgrade_tools_check' Does not check for updated upgrade tools.
'-sn <Domain Server name>' Name of the Domain Management Server.
'-dsi <Domain Server IP address>' IP address of the Management Server.
Default is local machine.
'-skip_logs' Skip import logs (without log indexes).
'-npb, --no_progress_bar' Disable the progress bar.
'-ivw, --ignore_warnings' Perform Export/Import although the pre-verification process raised warnings.
Note: option is valid for import, export and migrate_import_domain modes only.

Note:
Run the utility either from the current directory or use
an absolute path.
[Expert@CP-MANAGEMENT:0]#

******************************