cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

R80.30 MDS BUG/RFE tracking

Hello all,

 

I'm creating this post to try and help us have a consolidated place to track any large scale issues we are seeing with R80.30 MDS as well as a "braindump" for RFE's that we have submitted or will submit.  Criteria for posting a bug are:

1)  An SR must be open with Check Point - The reason for this is that it will help eliminate bugs that aren't really causing you an issue.  If you are willing to open a ticket then i think you are willing to participate and look for a solution.  Please don't post any SR numbers but feel free to reach out to the user to see if they are willing to provide it.

2) The issue can be reproduced - If this is something that only you are experiencing then it could be due to hardware, custom software added on etc.  If someone here or Check Point can reproduce it then it's possible to find a solution.  This also removes any what if's and we work off factual information rather than assumptions.

 

Thanks for participating!

Tags (4)
3 Replies
Highlighted

Re: R80.30 MDS BUG/RFE tracking

Let's get this ball rolling!

Here is a list of a few items that we have found during our R80.30 migrations and their status.

Unable to rename or edit comments of an application or cloned application - The reasoning behind why it doesn't let you edit the clones is that you also cannot edit the base application. As they are Check Point defined, there is no option to edit them.  A custom application however you can edit.  I have an RFE open on this as i can understand not editing a Check Point application that they may update but i think i should have the option to edit a cloned object.

Within Smartlog you can use wildcards for items like an IP address but not for an Origin - You could do 192.168.0.* but can't do customer_x_fw* to see any firewall with the name customer_x_fw.  I think this would be helpful when needing to limit the search to one customer and see all of their logs.

cpbackups don't restore the customer CMA/CLM - If using the cpbackup command the customer data is backed up inside the mdsbackup.  When a cpbackup is restored using the standard clish method the mdsbackup data is not restored and you are left with an empty /customers folder.

Highlighted

Re: R80.30 MDS BUG/RFE tracking

cpbackups don't restore the customer CMA/CLM - If using the cpbackup command the customer data is backed up inside the mdsbackup.  When a cpbackup is restored using the standard clish method the mdsbackup data is not restored and you are left with an empty /customers folder. This is a known issue and there is an RPM available to fix it.  It will be in a future JHF.

Highlighted

Re: R80.30 MDS BUG/RFE tracking

Customer folders deleted with add domain command - There is an issue where if a domain already exists (same IP and CMA Name) and another domain is added via API with the same information that the API will delete the existing CMA.  The API will fail as the domain already exists but as part of the cleanup it will delete the customer folder and leave the domain in the MDG.  This cause corruption in the postgres DB.  A hotfix is being developed for this.

0 Kudos