This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
GianniPapetti
Contributor
‎2022-09-12 11:33 PM
Jump to solution

Mobile Access Portal Strangeness after restore

Hi Mates,

At the end of an RMA process that saw the replacement of a node of our ClusterXL, I proceeded to restore the configuration of the old node on the new node.

The cluster works as expected. The only oddity concerns the Mobile Access Portal on the new node; unfortunately there is no authentication method that allows the user to log in as expected.

The portal is instead visible on the other currently primary node.

 

fw01: Restore GW after RMA - Standby in ClusterXL

fw02: Original ClusterXL Active Member

Schermata 2022-09-13 alle 08.30.57.png

 

Any suggestions?
I opened a ticket to the TAC with no satisfaction.

0 Kudos
1 Solution

Accepted Solutions
GianniPapetti
Contributor
‎2022-09-19 08:16 AM
In response to GianniPapetti
Jump to solution

Hi mates,

as promised also to the TAC, this afternoon I copied the idpPolicy.xml file from the known active to the restored node and switched traffic to that gatwway,
Everything worked as expected.

By properly checking the backup package set in the GAIA Portal, the directory /opt/CPcvpn-R80.40/phpincs/ is not present where spPortal / idpPolicy.xml is located inside it.

For obvious reasons this file could not be restored.

 

I am definitely perplexed and asked for an explanation since now, I am terrified that the backups are inconsistent.

Thanks you all,

Gianni.

View solution in original post

0 Kudos
5 Replies
_Val_
Admin
Admin
‎2022-09-15 12:32 AM
Jump to solution

the portal issue, does it happen when your new cluster member is Active? Or are you trying to connect to the standby?

0 Kudos
GianniPapetti
Contributor
‎2022-09-15 08:35 AM
In response to _Val_
Jump to solution

Of course it happens when node1 is ACTIVE.

Regards,

Gianni.

0 Kudos
PhoneBoy
Admin
Admin
‎2022-09-15 08:33 AM
Jump to solution

What version/JHF is this?
It looks like something prior to R80.40, which suggests you should upgrade to a supported release.
R80.30 and R80.20 will be End of Support at the end of this month.
Earlier releases are already End of Support.

0 Kudos
GianniPapetti
Contributor
‎2022-09-15 08:47 AM
In response to PhoneBoy
Jump to solution

Hi,

both members are R80.40 take 156.

I think i have solved by comparing fw02 and fw01 /opt/CPcvpn-R80.40/phpincs/spPortal/idpPolicy.xml file.

In the working node the file is filled by IDP metadata instead of the file present on the fw01 node.

Also, i had a look in the backup packet made using gaia portal and the file is missed; i suppose a kind of backup bug.

Tried to copy file on the fw01 node and the login button comes up!

Next Monday i'll switch the cluster and have a try.

Regards,

Gianni.

0 Kudos
GianniPapetti
Contributor
‎2022-09-19 08:16 AM
In response to GianniPapetti
Jump to solution

Hi mates,

as promised also to the TAC, this afternoon I copied the idpPolicy.xml file from the known active to the restored node and switched traffic to that gatwway,
Everything worked as expected.

By properly checking the backup package set in the GAIA Portal, the directory /opt/CPcvpn-R80.40/phpincs/ is not present where spPortal / idpPolicy.xml is located inside it.

For obvious reasons this file could not be restored.

 

I am definitely perplexed and asked for an explanation since now, I am terrified that the backups are inconsistent.

Thanks you all,

Gianni.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events