Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Giga_Yang
Explorer

The connection with the server was lost. Any unsaved changes will be preserved

Dear all,

The user site have two same standalone firewall with openserver (production and cold standby). We try to switch firewall service with standby device. But found Smart Dashboard could not login. And show ‘The connection with the server was lost. Any unsaved changes will be preserved’. 

 

Their OS version R80.30 with Jumbo Hotfix take 236. Anyone have the same problem too?

0 Kudos
18 Replies
_Val_
Admin
Admin

Do you mean you have Full HA cluster? When performing a failover, Management role is not switched automatically. Connect to the secondary with SmartConsole and push it to Active.

All sessions on the primary will be lost, unless saved and synced.

0 Kudos
Giga_Yang
Explorer

Hi Val,

Not full HA. When production have problem, we will switch cable to standby interface.

0 Kudos
_Val_
Admin
Admin

Then I do not understand. How does your topology look like? 

0 Kudos
Giga_Yang
Explorer

Hi _Val_,

Thanks for your help.

The site have two HP standalone open server. Both install R80.30 with Jumbo Hotfix take236.

Backup firewall is not connect any network cable. If necessary, their admin user will move cable from production to standby.

0 Kudos
_Val_
Admin
Admin

Where is the management configured? On both machines? If so, how do you maintain consistent policies on your management servers?

 

0 Kudos
Giga_Yang
Explorer

Hi _Val_,

Management on both machines. They are 100% the same. The user export backup form production to stnadby every month.

0 Kudos
_Val_
Admin
Admin

Understood. This is the weirdest redundancy setup I am seeing in my life, but it is a different discussion.

So, after moving cables, you are not able to re-connect with the SmartConsole, right? You connect, and then get the error above?

On your secondary, go to expert shell and run the following:

1. cpwd_admin list

2. $FWDIR/scripts/cpm_status.sh

 

Post the output here

0 Kudos
Giga_Yang
Explorer

Hi _Val_,

Yes, HA/Cluster is best choice. But their firewall license not support it. We could not run ClusterXL on this site. I will try your suggest on Next Monday.

 

After we moving cable and connect SmartConsole. It will show 'The connection with the server was lost. Any unsaved changes will be preserved' . After we click 'Yes', SmartConsole will close by itself.

Thanks for your kindly help.

0 Kudos
_Val_
Admin
Admin

Run commands above and show the output. Something is wrong with the management server on your secondary machine. You may also want to reboot it and try again

0 Kudos
_Val_
Admin
Admin

Also, if you are connecting to VIP instead of physical address, this is what you see, since VIP is moved from one member to another.

0 Kudos
Terry_Vasquez
Participant

I have also the same issue with R80.40 SMS. What I checked was that the cpd_admin list when commanded states that it is not running.

[Expert@hostname:0]# cpd_admin list

Cpd is not running

 

0 Kudos
_Val_
Admin
Admin

Try restarting the machine

0 Kudos
Terry_Vasquez
Participant

Hi @_Val_,

 

Yes we have rebooted the whole SMS appliance since the cpstop;cpstart did not work. We are raising it to TAC for futher analysis what have caused the CPD as well as CPM stopped or crashed. Wondering also that we have 2 SMS in HA and both of them got the same issue.

0 Kudos
_Val_
Admin
Admin

How does it look from HDD free space angle?

0 Kudos
Timothy_Hall
Champion
Champion

I think you mean cpwd_admin list which shows all processes monitored by the watchdog and when they were last restarted.  If you see a very recent restart time (say within the last few minutes) for a particular daemon and the system was not just booted, try looking for clues in the log file for the problematic process which will be $FWDIR/log/(daemonname).elg or $CPDIR/log/(daemonname).elg.  So for example the log file for cpd is  $CPDIR/log/cpd.elg.

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Terry_Vasquez
Participant

Thanks @Timothy_Hall for your response. We’ve found out that the CPD and CPM processes are not started hence we’ve tried to do a cpstop;cpstart but still fails. What we did is reboot the whole SMS appliance and now it is working.

 

The one thing I am wondering is that we have SMS in HA and both are affected. Anyways we are raising this to TAC for checking the root cause.

0 Kudos
Timothy_Hall
Champion
Champion

Almost certainly some kind of resource shortage, probably memory (which is why a reboot fixed it) but could be disk space too as Val mentioned.

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
K_montalvo
Advisor

This way is deployed is not the best practice, you shall consider migrating to a distributed deployment. But i know you probably already heard this, what you can try is disconnect from the SmartConsole before moving the cable.

0 Kudos