This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
nzmatto
Participant
‎2020-11-05 12:24 PM

Capsule "Failed to Connect"

We have recently moved a mobile mail remote access solution from an old gateway to a new one. Both are currently operational. Every so often, maybe 3-4 times per day, the new gateway seems to fail. There is nothing in the normal logs, and the service just seems to come back again between 30 and 90 minutes later. No-one does anything it just stops and starts seemingly randomly. Bothe gateways are configured the same, and at the same Datacentre, but this is only impacting the new gateway. Both are on R80.10, but not for much longer once I get this issue resolved.

When browsing to the Checkpoint Capsule web page, which normally loads with a username / password prompt the page simply says "Error: Page cannot be displayed. An error occurred while processing the request." 

When connecting from the capsule client an error comes up saying "Failed to connect: Network error occurred during login." This comes up immediately after the user enters their username/password and it does not matter if the password is right or wrong. There is no 1/2 to 1 second delay like you'd expect with a normal LDAP lookup. 

The firewall hosting the service does not seem to experience any 'network failures' and is a gateway to a highly critical transactional processing system where by even a blip for 1 second is noticed, yet the issue can last for up to 90 minutes (observed). 

In the logs I see the incoming https connection which is accepted, then nothing more, no login data being rejected or accepted, nothing. I can't find anything on the internet covering this specific issue. Anyone seen this or similar before, or could you point me to other logs which may show what happens immediately a client connects. 

 Thanks Matt

 

Screenshot_20201103-171501_Capsule.jpgScreenshot 2020-11-03 171901.jpg

5 Replies
G_W_Albrecht
Legend
Legend
‎2020-11-06 12:21 AM

I would suggest to contact TAC to get this resolved asap!

CCSE CCTE SMB Specialist
0 Kudos
Daniel_Toader
Participant
‎2021-04-01 09:16 AM

  • Hello , you find a solutions? , i.have some problems, but with migrations from 5800 to 7000, but with r80.40. thank you!
0 Kudos
SergioBenavides
Participant
‎2021-10-15 02:53 AM

Following up: 
i had the same issue here.

The MAB gateway seems to accept the connection and the user  is succesfully authenticated, but on the Capsule Workspace we get the same error, did someone found the solution for this?

 

0 Kudos
nzmatto
Participant
‎2021-10-17 11:37 AM
In response to SergioBenavides

I was provided with a hotfix for this, however the client has not been able to schedule a suitable change window to deploy it. The odd thing is the fault seems to have gone away as we have not had a failure in several months now. The gateways have not been rebooted, or any major changes made. Traffic patterns are mostly the same, though they do seem to have fewer remote connections at the moment.

My gut feel is it has something to do with the number of simultaneous connections, or possibly some connectivity thing through to the Active Directory. I don’t know and have not investigated further since being provided with the hotfix. I am literally planning the upgrade of these boxes now, I assume whatever fix Checkpoint made it is probably included in the latest take.

 

You could possibly refer the Checkpoint engineer back to my case which was SR# 6-0002383768. The last time it failed for me was in January of this year on R80.10 with take 283 (I think it was 283). I have not had any instance of failure on my R80.40 cluster which is set up the same way.

SergioBenavides
Participant
‎2021-10-18 12:52 AM
In response to nzmatto

Hi nzmatto, 

thanks for your reply, we have our gateways running on R81.10, and there we're currently facing this issue, for which i've opened a TAC. i will defenitely refer on my Ticket your SR Number.

 

Thanks.

0 Kudos