Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ryan_Ryan
Advisor

SIC stopped communicating- all gateways

Hi guys, we have an MDM running R81.10 T110, early one morning all the gateways (2x clusters and 2 standalone) disconnected at the same time and haven't come back - 

SIC General Failure [error no. 148]

Connectivity is there, I have run a tcpdump as I tried to reestablish SIC and I can see a tcp reset coming from the gateway towards the manager on 18211 (the re-initialize fails very quickly)

I did have a very similar issue on this setup about 4 weeks ago (half the gateways were disconnected), the manager cert had expired so I renewed it, and on each gateway did the non disruptive SIC reset procedure and all was green again. I don't think I need to renew the cert again its valid but the SIC reset does not work this time.

The CPD elg log on the manager was empty after I turned on debug and tried to reinitialize. the gateways cpd logs are filled with:

==============================
Cpd Initializing
==============================

cpd_enable_epoll: Enabling epoll...
cpd_enable_epoll: epoll succesfully enabled..
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] SIC initialization started
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] cpsic_init: msg client name = cpd
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] cpsic_init: context id = 0
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] get_my_sicname_from_registry: Read the machine's sic name: CN=Gateway_03,O=DC_CMA.com.rhh8fv
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] Initialized sic infrastructure
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] SIC certificate read successfully
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] FAILED to find registry entry PROVIDER-1//CPLocalAuthDir
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] Initialized SIC authentication methods
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] cpsic_init: Failed to init message daemon
[CPD 20545 4133103424]@Gateway_03[9 Oct 15:25:28] CPSIC Error: Messaging mechanism failure - Could not initialize messaging daemon.
Failed to initialize SIC. Exiting ...

 

 

Any ideas? 

 

 

 

0 Kudos
2 Replies
G_W_Albrecht
Legend Legend
Legend

Better involve TAC !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
_Val_
Admin
Admin

Second that, please open a high-priority case with TAC: https://help.checkpoint.com

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events