Re: fwm not starting after backup-restore - Waitin...

Matthias42 · ‎2022-05-27

Hi,

This is on a Checkpoint R80.10 Management-only standalone Server (no MDM).

Problem: no smartcenter connection possible, cannot manage firewall.

Steps performed that led to the problem:

1. An attempted upgrade via GAIA-WebGUI failed.

2. To recover, installed R80.10 from DVD, + Jumbo Patch.

3. backup restore local -> no errors, but also no logfile.

4. After reboot, no smartconsole connection possible

5. fwm daemon is started/running, but does NOT listen on its port 19009.
netstat -anp | grep 190
(shows nothing)

There is an error message in:
/var/log/opt/CPsuite-R80/fw1/log/fwm.elg

Waiting until NGM server is up

What is NGM?
How can i fix this problem?

Some more details:

cpwd_admin list
APP        PID    STAT #START START_TIME             MON COMMAND
CPVIEWD    22866 E     1       [16:03:09] 27/5/2022   N    cpviewd
HISTORYD   22869 E     1       [16:03:09] 27/5/2022   N cpview_historyd
CPD        22891 E     1       [16:03:09] 27/5/2022   Y    cpd
FWD        22978 E     1       [16:03:10] 27/5/2022   N    fwd -n
FWM        22982 E     1       [16:03:10] 27/5/2022   N    fwm
CPM        23382 E     1       [16:03:10] 27/5/2022   N /opt/CPsuite-R80/fw1/scripts/cpm.sh -s
SOLR       23521 E     1       [16:03:11] 27/5/2022   N    java_solr /opt/CPrt-R80/conf/jetty.xml
RFL        23559 E     1       [16:03:11] 27/5/2022   N    LogCore
SMARTVIEW 23617 E     1       [16:03:11] 27/5/2022   N    SmartView
INDEXER    23789 E     1       [16:03:11] 27/5/2022   N /opt/CPrt-R80/log_indexer/log_indexer
SMARTLOG_SERVER 23899 E     1       [16:03:11] 27/5/2022   N /opt/CPSmartLog-R80/smartlog_server
DASERVICE 24379 E     1       [16:03:11] 27/5/2022   N DAService_script
AUTOUPDATER 24397 E     1       [16:03:11] 27/5/2022   N AutoUpdaterService.sh
LPD        24710 E     1       [16:03:18] 27/5/2022   N    lpd

cpinfo -y all

This is Check Point CPinfo Build 914000227 for GAIA
[IDA]
    HOTFIX_R80_10
[CPFC]
    HOTFIX_R80_10_JUMBO_HF
    HOTFIX_R80_10
[FW1]
    HOTFIX_NGM_DOCTOR_AUTOUPDATE
    HOTFIX_R80_10_JUMBO_HF
    HOTFIX_R80_10

FW1 build number:
This is Check Point Security Management Server R80.10 - Build 066
This is Check Point's software version R80.10 - Build 240
[SecurePlatform]
    HOTFIX_R80_10_JUMBO_HF

...

PhoneBoy · ‎2022-05-27

R80.10 is End of Support, just FYI.

cpm is actually what listens on port 19009 (now fwm, which listens on port 18190).
On what precise hardware is this?
If this is Open Server or VM, please specify the number of cores and the amount of RAM installed/allocated.

Matthias42 · ‎2022-05-27

Hi PhoneBoy,

it is a OpenServer, Dell PE R730, 10Core CPU E5-2630 v4 @ 2.20GHz, 16GB RAM, 2TB Disk (about 1% used).

I have no process named cpm and nothing is listening on TCP18190.

R80.10 being EOL was the reason for the (failed) update...

If i look into cpm.elg, i see truncated java crash traces. One line stands out:

Caused by: com.checkpoint.infrastructure.utils.runtime.CpAssertionError: failed to load SIC cert file

Which file is that? Do you thing this is the problems cause or just another symptom?

the_rock · ‎2022-05-27

I agree with @PhoneBoy . Can you also run this and see what you get:

cd $FWDIR/scripts

./cpm_status.sh

Andy

Matthias42 · ‎2022-05-27

Hi the_rock,

# ./cpm_status.sh
Check Point Security Management Server failed to start

No cpm process is running

fwm/cpm not starting after backup-restore - Waiting until NGM server is up

Query from Smartview web GUI

Smart Console r81.10 Server 2022 Support

Checkpoint log exporter and NAT filter

How to know the amount of memory allocated to the ...

Optimizing HD space usage on the management server

Are you a member of CheckMates?