Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
dsd_asddc
Participant

Unable to access Gaia R77.30 and R80 through Web UI

Hi, I'am having some issues while doing the initial configuration for Gaia R77.30 and Gaia R80.10

after installing , I can ping the management IP from a Virtual Machine  but unable to open the same in a brower

https://<management IP>

But everything works fine if it is a SPLAT R75 and SPLAT R76

Can any one please advise if I need to do any additional configuration apart from mgmt address so that I can

access it through Web UI

any help much appreciated 

Thanks

30 Replies
PhoneBoy
Admin
Admin

What OS are you attempting to access the WebUI from?

What specific errors are you getting?

Can you verify the traffic is reaching the system with a tcpdump?

At some point (probably R77.30), we switched to SHA2 certificates for the WebUI portal.

Older systems (notably Windows XP pre-SP3) won't be able to connect to these systems.

dsd_asddc
Participant

Hi ,Thanks for a quick response,

I'am using windows XP professional version 2002 service pack2 as my virtual machine client ..

I have also run TCPDUMP on newly installed GAIAR77.30 I can see the packets arriving and leaving from the management interface ..

Any comments much appreciated

0 Kudos
PhoneBoy
Admin
Admin

Like I said, the versions of XP prior to SP3 don’t support SHA2 certificates.

As such, what you are seeing is expected behavior.

If you must use XP, upgrade to Service Pack 3, but I recommend using a supported OS instead.

Gaurav_Pandya
Advisor

HI,

Yeah. That is correct what Dameon has suggested. Adding to that if you are facing error SSL version or Cipher mismatch then you can refer sk93395.

dsd_asddc
Participant

Hi ,

I have upgraded the machine to Windows 7 Home basic 32 bit , I can access it via Web GUI, I can ping from my machine to the newly installed firewall
vice versa, I can see the TCPdump (three way hand shake )
but I'am unable to proceed in WEB GUI  (https://<management IP > after Management Connection Wizard , 
Any help will be appreciated
0 Kudos
PhoneBoy
Admin
Admin

Windows 7 doesn't support SHA2 certificates either unless you apply SP1: Microsoft Security Advisory 3033929 | Microsoft Docs 

0 Kudos
dsd_asddc
Participant

Hi Dameon, Thanks for your quick response, 

What Windows OS and what version of browser I should be using  to get this working 

Can you pl kindly advise ..

0 Kudos
PhoneBoy
Admin
Admin

Windows 7 and above with the latest versions of Chrome, IE, or Firefox should work.

0 Kudos
dsd_asddc
Participant

As mention above I'am already using windows 7 32 bit Service Pack 1 , with latest chrome , Internet explorer as browser 

0 Kudos
PhoneBoy
Admin
Admin

I'm guessing the problem is with your specific variant of Windows.

To confirm this, simply try connecting with http.

You should get a redirected to an https URL, which will likely show you an error.

An actual screenshot of this would be helpful.

Another thing to try is a modern Linux distribution (e.g. Ubuntu or similar) with Firefox or Chrome, which should work for the purposes of running the First Time Wizard and configuring the Gaia WebUI.

If none of these work, then you can run the First Time Wizard through the CLI using the following procedure: How to run the First Time Configuration Wizard through CLI in Gaia R76 and above 

0 Kudos
dsd_asddc
Participant

I'am unable to proceed after this window , I have tried using all different browsers .. 

Unable to proceed after this window

0 Kudos
Gaurav_Pandya
Advisor

For a workaround, You can complete First time vizard through CLI. Please refer below URL.

https://community.checkpoint.com/docs/DOC-2410-first-time-vizard-through-cli

For GUI solution, please engage TAC as suggested by Dameon.

ARUNKUMAR_K
Explorer

Increase the RAM size.

Edwin_Onyango
Explorer

dsd asddc did you manage to fix this error?

0 Kudos
RockYaDude
Explorer

System Configuration :- Windows 10 Pro 64Bit

16 GB RAM, 512 GB SSD only for Windows 16.

Using VMWare with Windows 10 as host (Evaluation version for 90 days)

Have installed Security Gateway using both R80.10 iso and R81, after first time its configured, the next time I try to open the Web Gui, it comes up that the page you are looking for is unavailable. I have to remove the Virtua Machine and configure it again and again, same thing happening in EVE-NG as well. I have given 8 GB RAM to both Security Gateway and SMS, SMS works fine every time, its the Security Gateway Web UI which never works second time, I though it has to do with the firewall on Windows 10 Virtual Machine, I disabled it and it worked, however, 3 days later, back to square one, Firewall Web UI not working again. Please help

0 Kudos
PhoneBoy
Admin
Admin

The fact you’re getting this far (versus just an error page from the browser) suggests it’s not related to SHA2 at all.

I recommend engaging with our TAC for further troubleshooting or use the workaround I provided.

0 Kudos
Sachin_Guda
Explorer

Hello All,

I have simulated same in the lab and found that is problem with RAM.

You must have to use 8GB RAM for your virtual Machine (Tried with 4GB, it didnt work, Didnt try with any 6GB).

Regards,

Sachin Guda

0 Kudos
Jeff
Contributor

I have the same problem. The memory expansion didn't help. I decide to expan the system root partition during installation process. It helped me.

0 Kudos
Petr_Hantak
Advisor
Advisor

Yevgeniy, how much space did you provide there?

0 Kudos
Jeff
Contributor

First, I used 35G of HDD for system and 6G for root partition. I have my reasons for this.

Then I have increased the root partition to 12G.

Petr_Hantak
Advisor
Advisor

Thank you for info. I fully understand that you want to reduce size of installation. I'm using shared LAB ESXi for testing purposes and space is limited time to time. So it is good to find some suitable minimum for deployment. 

0 Kudos
Edwin_Onyango
Explorer

Hi, I have a similar issue. I have installed checkpoint on Vmware workstation but I cannot access it from my web page. I am using ubuntu 17.10 computer. Kindly help me on this

0 Kudos
Jonathan_Sander
Participant

I'm running into this as well. I'm using the "CloudGuard IaaS (R77.30) Next Gen Firewall & Threat Prevention (BYOL)" from the AWS marketplace. I've bumped it up a few times in specs trying to fix and now have it running on a c4.4xlarge (16 vCPUs, 30GB mem, 60GB disk). I can get to it with SSH and set the admin password, and then Gaia fires up and let's me log in. But then after log in the page never paints. It's just a white page. It doesn't even seem to be downloading or working on anything. It's just blank. I'm using Firefox 62.0 (64bit) on Mac 10.13.6. Any help appreciated.

UPDATE: Used the advice above to run the initial config on the command line, but even after that, Gaia still comes up with goose eggs. Since I was setting this up specifically to test things in the UI, it is pending and currently shut down. Any advice welcomed.

UPDATE2: It occurred to me that the problem could be with the exact AMI I'm using, so I'll note it's "Check Point CloudGuard IaaS BYOL R77.30-041.168-fb3a4d3c-c993-40ab-ba19-b180ea9b866f-ami-55202c2f.4 (ami-da6652bf)" in case that is information that matters. I'm running in us-east-2 (Ohio). 

0 Kudos
Jonathan_Sander
Participant

I decided to try out the R80.10 version on AWS, and it worked. But oddly enough, it pointed me to this article about this issue and thought some may find it helpful:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

Chirag_Rao
Explorer

It works using Internet Explorer (the default IE version with Windows 7 64-bit.

0 Kudos
Chirag_Rao
Explorer

Hi Team,

On my old i7 laptop, it worked with 2GB RAM and 2CPUs. Later when I tried with 6GB RAM and 1 CPU on my latest desktop, I got an error stating it required 2 CPUs. After assigning 2 CPUs, it worked. Hence, you need at least 2GB of RAM and 2CPUs to make the Manager work. The Gateway should be okay with 2GB RAM and 1 CPU.

Regards,

Chirag

0 Kudos
ashish_solanki1
Participant

Hi All,

 

Whenever I try to access Network interfaces tab in both SMS & SG getting below error:

"Unable to connect to the server. Press OK to reconnect" screenshot is also attached.

VM Specifications are:

RAM 3.5GB

HDD 45GB

CPU 2

Using VmwareWorkstation 15 for my LAB.

 

0 Kudos
HristoGrigorov

I have the same issue and for me it works only if I access it from a workstation in the same network. Perfectly suits me so I havent really investigated why.

0 Kudos
DR_74
Collaborator

Got the same problem on R80.40 when trying to access the "Network Interfaces" menu in GAIA Webui.

Get the "unable to connect to server" with Firefox and Chrome., but works with Edge

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events