This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
aharihara
Contributor
‎2020-03-08 01:29 AM

Smart console - Operation timed out

Dear Checkmates,

I'm studying for CCSA R80 and I have a lab setup in GNS3. I have installed Windows 10 VM and I have Checkpoint R80.10_T479(trial) installed as SMS in GNS3VM. The trial period is still available. I have the conectivity between Windows PC and SMS. I can do ssh and can also access WebGUI, but when I access via SmartConsole, I get 'operation timed out' message most of the time. Then I would restart the nodes, lab and VM. Sometimes it helps, but most of the time it fails. Then once when I rebooted the SMS, I got a message in CLI that I must reboot in maintenance mode, which I did. I see the file system is corrupt and it asked me to fix and I gave 'y' numerous times and finally it looked like the corrupt files and entries were fixed.  Then the smart console was working for some time. Now the problem has started again. I don't know what to do now. Please guide me.

Thanks,

Hari

0 Kudos
11 Replies
PhoneBoy
Admin
Admin
‎2020-03-08 12:25 PM

How much RAM have you allocated to the VM for the SMS?
If it's anything less than 8GB, you'll probably have issues.
Also, R80.10 is a few years old, you should really be working with later releases.
0 Kudos
aharihara
Contributor
‎2020-03-08 04:09 PM
In response to PhoneBoy

Thanks a lot for replying back. 😊

I guess your question of RAM answers my problem. I gave only 4GB, since I was running the lab in my laptop. 

I now gave 6GB and running both SMS and GW and it works just fine, but slow sometimes. I would take your suggestion and try increasing the RAM. Also I would try installing the newer version. 

One more question, probably should be in a different thread, but please guide me. Since I'm preparing for CCSA, will it  have questions about R80.40 too?

0 Kudos
PhoneBoy
Admin
Admin
‎2020-03-08 05:22 PM
In response to aharihara

The absolute bare minimum for an SMS (without GW) is 6GB, and even then, it can be fairly slow.
8GB for an SMS (without GW) should be ok in a small lab environment.
For a gateway and management in same VM (i.e. standalone), anything less than 16gb of RAM will probably give you inadequate performance.

As for what the CCSA exam covers, please check the Training and Certification space.
As far as I know, there is nothing specific to R80.40 in the CCSA exam.
aharihara
Contributor
‎2020-03-09 07:53 AM
In response to PhoneBoy

Thanks, will check the Training and Certification Space for CCSA 🙂
0 Kudos
msantos
Contributor
‎2020-08-18 03:19 PM
In response to PhoneBoy

Hi PhoneBoy,

Im reading the case, cause i have same issue. i already tryed sk165894 and still nothing, im running a SMS with 4 vCPU and 16 GB RAM and the issue is the same. the only thing it came to my mind is install the JHF that are availables for the SMS. other than that, what else could it be?

PhoneBoy
Admin
Admin
‎2020-08-18 03:57 PM
In response to msantos

What does /opt/CPsuite-R80.40/fw1/scripts/cpm_status.sh say?
Have you checked that traffic reaches the VM using tcpdump or similar?

msantos
Contributor
‎2020-08-19 07:16 AM
In response to PhoneBoy

First output i get: Check Point Security Management Server is running and ready

and the tcpdump shows traffic going.

08:09:36.471504 IP 10.0.0.126.46322 > gw-mgmt-enel.set: Flags [.], seq 353449:354897, ack 1, win 15, options [nop,nop,TS val 940267858 ecr 931832977], length 1448

08:09:37.281438 IP 10.0.0.126.48458 > gw-mgmt-enel.ssh: Flags [.], ack 401328, win 1026, length 0

08:09:37.281461 IP gw-mgmt-enel.ssh > 10.0.0.126.48458: Flags [.], seq 403504:404814, ack 1, win 40, length 1310

^C
2356 packets captured
2356 packets received by filter
0 packets dropped by kernel

 

so ill try install the JHF.

0 Kudos
PhoneBoy
Admin
Admin
‎2020-08-19 11:45 AM
In response to msantos

All that's showing is ssh, not any attempts to connect on port 443, 18190, and 19009.
Which suggests you didn't capture this while you're trying to connect to SmartConsole, you're not connecting to the right IP, or something is blocking that communication.

0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2020-03-09 06:12 AM

This could also be related to using GNS3. Please see the following case:

https://community.checkpoint.com/t5/General-Topics/Smartconsole-force-closes/m-p/70487/highlight/tru...

aharihara
Contributor
‎2020-03-09 07:54 AM
In response to Tal_Paz-Fridman

Thank you so much for the link, I will try downgrading the GNS3 version and shall see how it works. I shall keep this thread updated with my findings. 

0 Kudos
aharihara
Contributor
‎2020-09-29 02:28 AM

Hi Everyone, 

Sorry for delay. Meanwhile I passed CCSA and also moved to a new job 😁

I gave up with GNS3 and started using Eve-NG for the Lab setup, it works very well for me. I think, Eve-NG is more stable than GNS3. GNS3 was also getting updated every now and then and it kind of annoys me.

 

Once again thanks for helping😊

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events