This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
E_Islas
Participant
‎2023-05-08 07:09 AM
Jump to solution

SSLVPN not connecting after installing Jumbo Hot Fix Accumulator Take 94

Good morning everyone.

We are in R81.10 with a cluster XL. The SMS is a VM on ESX.

Last Thursday, we installed the Jumbo Hotfix Accumulator Recommended Jumbo Take 94 to solve an issue with Identity Awareness.

The issue was fixed, but after doing that, our remote users can't connect through sslvpn. All other remote access methods work fine, however we have many clients using sslvpn who are unable to access. The connection process stays on the Connecting phase after enter the username and password.

Any advice will be appreciated.

Thanks.

Elfego

0 Kudos
1 Solution

Accepted Solutions
the_rock
Legend
Legend
‎2023-05-12 05:14 AM
In response to Alex-
Jump to solution

I did test for this in my lab and here are the results:

-upgrade to jumbo 94 from take 87 caused the issue

-after installing jumbo 95, though not officially recommended yet, all worked again

Andy

View solution in original post

21 Replies
the_rock
Legend
Legend
‎2023-05-08 07:26 AM
Jump to solution

Do you see any relevant logs in smart console? Have you tried doing zdebug for client external IP for example?

Andy

0 Kudos
E_Islas
Participant
‎2023-05-08 11:31 AM
In response to the_rock
Jump to solution

In Smartconsole I don't see any error. About the zdebug, I will be posting the results in a moment.

Thanks Andy for the suggestion.

0 Kudos
the_rock
Legend
Legend
‎2023-05-08 11:33 AM
In response to E_Islas
Jump to solution

What I meant was this, just to clarify. Say external client IP is 20.30.40.50, just run fw ctl zdebug + drop | grep 20.30.40.50 when they are trying to connect

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2023-05-08 11:02 AM
Jump to solution

You've opened a TAC case on this, I presume?
https://help.checkpoint.com 

0 Kudos
E_Islas
Participant
‎2023-05-08 11:37 AM
In response to PhoneBoy
Jump to solution

Yes, I already asked the client to involve the TAC.

Thanks for yor answer.

Alex-
Leader Leader
Leader
‎2023-05-12 04:39 AM
In response to E_Islas
Jump to solution

Same issue when upgrading a customer's cluster from R81.10 T87 to T94, no reaction from the portal after logging in.

No time to troubleshoot unfortunately as the service had to be restored quickly, uninstalling to T87 and the portal works.

0 Kudos
the_rock
Legend
Legend
‎2023-05-12 05:14 AM
In response to Alex-
Jump to solution

I did test for this in my lab and here are the results:

-upgrade to jumbo 94 from take 87 caused the issue

-after installing jumbo 95, though not officially recommended yet, all worked again

Andy

G_W_Albrecht
Legend Legend
Legend
‎2023-05-12 05:27 AM
In response to the_rock
Jump to solution

Would be fine if this was reported to CP 😉

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend
‎2023-05-12 05:28 AM
In response to G_W_Albrecht
Jump to solution

Im sure they can see it here and replicate it themselves, its not that hard lol

0 Kudos
Alex-
Leader Leader
Leader
‎2023-05-12 05:30 AM
In response to the_rock
Jump to solution

Thanks for checking @the_rock , I will try again when Take 95 or above becomes recommended.

0 Kudos
the_rock
Legend
Legend
‎2023-05-12 05:32 AM
In response to Alex-
Jump to solution

No worries, probably better to wait until its recommended, specially since its production.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-05-12 12:24 PM
In response to the_rock
Jump to solution

They will not see it here, i am sure - without drawing attention... But as TAC is already involved the customer can share the solution and CheckMates Link !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend
‎2023-05-12 12:32 PM
In response to G_W_Albrecht
Jump to solution

Agree with that Guenther...since there is case already opened for it, @E_Islas would let them know all the findings from this post.

Have a nice weekend.

Andy

0 Kudos
E_Islas
Participant
‎2023-05-12 07:53 AM
In response to the_rock
Jump to solution

Thank you, Andy, for your research and suggestions. Since I don't have direct access to the SMS, I'm going to let the customer know what the situation is, and depending on the urgency, they can decide whether to install it or wait until it is officially recommended.

Again, thank you very much.

Elfego

0 Kudos
the_rock
Legend
Legend
‎2023-05-12 07:56 AM
In response to E_Islas
Jump to solution

Sure, any time, glad it was helpful.

Have a nice weekend!

Andy

 

 

0 Kudos
Blason_R
Leader
Leader
‎2023-05-13 12:30 AM
In response to the_rock
Jump to solution

Thats nice to know that - I was going with Take 94 in few days.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
genisis__
Mentor Mentor
Mentor
‎2023-05-13 12:52 AM
In response to Blason_R
Jump to solution

I suspect Take 95 is going to be GA very soon now as it's been a month today since it was released.

the_rock
Legend
Legend
‎2023-05-13 05:27 AM
In response to Blason_R
Jump to solution

I would wait till 95 is recommended take.

0 Kudos
Naama_Specktor
Employee
Employee
‎2023-05-14 12:27 PM
Jump to solution

Hello @E_Islas 🙂

My name is Naama Specktor and I am Checkpoint employee ,

I will appreciate it if you will send me SR # , here or in PM.

 

Thank you,

Naama 

0 Kudos
E_Islas
Participant
‎2023-05-15 11:28 AM
In response to Naama_Specktor
Jump to solution

Hi Naama... Of course. I sent to youy the SR#  in PM

I'm sorry for my delayed answer.

 

Elfego

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top