SmartConsole unable to connect to server 80.30

rmasprey · ‎2020-10-01

Had an issue with a var/log warning about space. I found a blog that talked about removing log files from /var/log/opt. I deleted 2019 folders. When I ran cpstart is complained that it could not find the folders/files. I created the folders it was missing and it created the files. I am still unable to connect via Smart Console.

I have logged a support request with CP. Bellow is some of the commands I have run trying to find the issue. I noticed errors relating to java in the log, not sure if this has something to do with it.

Starting Solr. This may take a few seconds ...
java.io.FileNotFoundException: Unable to find XML Config: /opt/CPrt-R80.30/conf/jetty.xml
at org.eclipse.jetty.start.Main.resolveXmlConfig(Main.java:674)
at org.eclipse.jetty.start.Main.resolveXmlConfigs(Main.java:925)
at org.eclipse.jetty.start.Main.start(Main.java:506)
at org.eclipse.jetty.start.Main.main(Main.java:96)

$FWDIR/scripts/cpm_status.sh
Check Point Security Management Server is during initialization

[Expert@kw-vm-cp-man-srv:0]# $MDS_FWDIR/scripts/server_status.sh
Checking server status. Please wait...
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/opt/CPsuite-R80.30/fw1/cpm-server/slf4j-log4j 12-1.6.1.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/opt/CPsuite-R80.30/fw1/cpm-server/activemq-al l-5.9.0.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
18:04:07,090 INFO com.checkpoint.management.cpm.Cpm.enableLocalSic:166 [main] - Enabling local sic. Setting cp.ssl_local.certificate.check=local
18:04:07,264 INFO com.checkpoint.management.cpm.configuration.Utils.setTdLogCon figFile:67 [main] - Starting to configure logging options
Failed to check status, cpm server is probably down

[Expert@kw-vm-cp-man-srv:0]# cpinfo -y all

This is Check Point CPinfo Build 914000196 for GAIA
Local host is not a Gateway
[IDA]
No hotfixes..

[MGMT]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

[CPFC]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

[FW1]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

FW1 build number:
This is Check Point Security Management Server R80.30 - Build 021
This is Check Point's software version R80.30 - Build 002

[SecurePlatform]
HOTFIX_GOGO_LT_HEAT_JHF Take: 191

[CPinfo]
No hotfixes..

[DIAG]
No hotfixes..

[PPACK]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

[SmartLog]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

[Reporting Module]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

[CPuepm]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

[VSEC]
HOTFIX_R80_30_JUMBO_HF_MAIN Take: 191

[R7520CMP]
No hotfixes..

[R7540CMP]
No hotfixes..

[R76CMP]
HOTFIX_R80_30_JHF_COMP Take: 191

[SFWR77CMP]
No hotfixes..

[R77CMP]
HOTFIX_R80_30_JHF_COMP Take: 191

[R75CMP]
No hotfixes..

[NGXCMP]
No hotfixes..

[EdgeCmp]
No hotfixes..

[SFWCMP]
No hotfixes..

[FLICMP]
No hotfixes..

[SFWR75CMP]
No hotfixes..

[MGMTAPI]
No hotfixes..

[CPUpdates]
BUNDLE_INFRA_AUTOUPDATE Take: 34
BUNDLE_DEP_INSTALLER_AUTOUPDATE Take: 18
BUNDLE_CPINFO Take: 49
BUNDLE_R80_30_JUMBO_HF_MAIN_SC Take: 132
BUNDLE_R80_30_JUMBO_HF_MAIN_gogoKernel Take: 191
BUNDLE_CLOUD_PROD Take: 55

[CME]
CME_RPM

[SFWR80CMP]
No hotfixes..

[AutoUpdater]
No hotfixes..

[CPDepInst]
No hotfixes..

PhoneBoy · ‎2020-10-04

Deleting random folders/files from /var/log/opt was probably not a good idea, since some package/application data is stored there.
Also, generally the management will clean up old access logs by default.

rmasprey · ‎2020-10-04

I plan to share more of this experience in a bit more detail. Lessons learned the hard way and what not to do. Checkpoint support suggested rebuilding the management server. I created a new virtual machine installed R80.30 with hotfixes. Forced the backup to restore on the new machine. Managed to log into smartconsole and was still getting errors and none of our objects rules ect was in the new system.

I had managed to get Smartconsole working again on our original machine after creating folders that where missing under var/log/opt, but was still having issues with some services not starting.

In Summary used the new virtual machine to rectify group permissions on some of the folders and copied some of the missing files for solr to var/log/opt. We increased the space of var/log/. I was able to successfully update to R80.40 last night and the management server is working and I can log in with Smart Console and the logs are showing and smartview is working.

VPN has not been working since Friday. The appliance was rebooted on Friday when I installed it into a checkpoint rack mount. Would the management server not working correctly impact the VPN ? No changes where made to my laptop or the firewall appliance. Waiting for feedback from checkpoint on this issue, I will be upgrading the appliance to 80.40 later today which I hope will resolve the VPN issue.

The following SK scenario 1 is what we are experiencing with the VPN and those errors showed in the log on the appliance.

“The L2TP connection attempt failed because the security layer could not negotiate compatible parameters with the remote computer”

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Are you a member of CheckMates?

SmartConsole unable to connect to server 80.30