sk100610-Error has occurred while applying the Fir...

sasac · ‎2020-02-15

I am trying to SNMP poll a checkpoint 600 from a LibreNMS (connected to local LAN of the applicance) and even with the firewall policy switched off the firewall log reports the SNMP traffic is "Blocked on rule 0 Outgoing policy violation".

Any changes to the appliance cause a system Notification pop-up with "Error has occurred while applying the Network Objects settings (error 00362). If the problem persists, contact Check Point Technical Assistance Center"

The Check Point 600 appliance (L50) is running factory default firmware version: R75.20.40 (983003847), with firewall blade license expiration=Never.

It is EOL hardware, and it is not under any maintenance agreement, and there is no plan to put it under support as it was planned to be donated to a volunteer organisation to replace their even older 500 appliance......if it would actually work normally.

The assumption is the blocking issue and the cause of the pop-up is linked and the solutions would be explained by sk100610, but without support I don't have access to the document.

Any suggestions?

PhoneBoy · ‎2020-02-15

I can't copy/paste the solution here.
That said, it doesn't seem like this particular solution should require a support agreement to see.

What I can say is that the error appears to be caused by the same name being used in multiple places in your configuration.
Once you resolve that issue, the error should go away.

Note the most current firmware for the 600 appliance is actually R77.20.80, which you would need a support agreement to obtain.

sasac · ‎2020-02-16

I couldnt figure out where the duplication in the configuration was, so I accessed the Embedded Boot Menu, and restored device to factory defaults.

Whilst it did resolve the issue, it also reverted the licences to 30 day evaluation.

When it had a support agreement I could re-activate it but alas it is not commercially viable to do that again for this device, of for the people I am giving it to.

I have access to another 600 device, (also now redundant and out of support contract), that is running firmware R77.20.80 but with firewall; Identity Awareness; IPSec and advanced networking blades set to expiration:Never.

I understand the licenses for these blades are perpetually licensed when the hardware is purchased.

As the normal activation route is not possible because it is not under support, is there a way to clone the licence from one to the other, or indeed just clone the NAND memory blocks from one to the other?

PhoneBoy · ‎2020-02-16

Cloning the license is not possible as the license is tied to the hardware.
Possible Account Services may be able to help here but if you’re not the original purchaser of said device, you may be out of luck.

G_W_Albrecht · ‎2020-02-17

A backup (needs the identical firmware version!) also contains the active license - usually, the hardware bound license will be updated after connection to userCenter, but here it should prevail 8).

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Antimatt3r · ‎2020-03-11

I have the same error, can you please be more specific about the solution. What exactly do you mean by "same name being used in multiple places in your configuration", same name of what?

MartinTzvetanov · ‎2020-04-27

For an object I believe. I have the same situation - when set the Firewall blade to strict and put a rule for Remote Access it pops up the error, setting the Firewall to a lower level of restriction, the rules for VPN are installed automatically and no error is shown. It's a new deployment with 3 IP objects and few Network objects...

Thomas_Fischer · ‎2020-05-08

Appliance 1550

Software r80.20.05

Always the same Problems

MiloJawo · ‎2020-06-02

Appliance 1590W

Software r80.20.05

Same error any slolution please ?

Antimatt3r · ‎2020-06-02

Not very helpful, but the "solution" for me was the replacement of the entire Firewall lol.

It was in warranty and Checkpoint said it was a memory problem or something like that, at least based on what my re-seller said after talking to them...

To be honest, I'm still not entirely convinced that it was a hardware problem, but yeah...

Still curious about the exact cause though, because my new replacement Firewall had the same exact error on a couple of occasions, but thankfully it went away after a regular reboot.

Alexey_Dagil · ‎2020-09-21

Hi guys! Tech support gave me a solution. You need to reinstall the system from USB to version 80.20.10 (1433). For me, this was not a problem, because the device was "only out of the box". If you have any settings, make backups.

kaanyenilmez · ‎2021-06-22

Dear All,

We had the same issue with 1570 appliance. We solved it by reinitializing internal certificates.

SriniKrish · ‎2022-07-04

unfortunately even that failed for me. " Failed to initialize cert"

PhoneBoy · ‎2022-07-05

What precise device is having this issue?
Because that issue is consistent with older versions of R77.20.x (and earlier versions) firmware, described here: https://community.checkpoint.com/t5/SMB-Gateways-Spark/error-after-reset-L-50WD/m-p/61683#M2363

SriniKrish · ‎2022-07-05

Its with a 1530 appliance running R80.20.40. I did raise a case with support and have recommended me to move to R81.10.

I will see how I go !

SriniKrish · ‎2022-07-06

The upgrade to R81.10 made no difference and it still throws the same 00351 Error.

Amir_Ayalon · ‎2022-07-07

Hi

351 is usually related to an object or duplicate object that result in a rulebase problem.

please open an SR and ask to open a Task.

we will look into it.

thanks

SriniKrish · ‎2022-07-07

Hi Amir,

I did raise one and was told to upgrade the firmware but made no difference to the error.

Case reference below.

6-0003322725

best regards

Srini

Amir_Ayalon · ‎2022-07-07

i asked the support Eng to open an R&D Task.

we will look into it.

serch-jhai · ‎2023-01-16

como lo solucionaste siempre ? tengo el mismo codigo de error. Help!!

G_W_Albrecht · ‎2023-09-05

Not easy, but our customer solved it by first solution with:

- take notes / screenshots for all settings configured

- either use a fresh appliance, same model, configure from source above, take a backup and restore it to the SMB showing the issue, or Restore factory default settings and configure from source above

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

henfii · ‎2022-10-19

Hello, I have same problem with 1550 Appliance,

Every change I make causes this error message. Can I somehow solve this situation remotely since I don't have physical access to the firewall? the problem is on versions R80.20.40 as well as on the updated R81.10.00, re-initializing the certificate gives me the message Failed to initialize cert

G_W_Albrecht · ‎2022-10-19

Better involve CP TAC !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Amir_Ayalon · ‎2022-10-19

Hi

There was an SR with support (not a Task) but support say Partner instructed engineer to close the case.

Please reopen and Ask for a Task, and we will look into it, (i asked Support Eng. as well)

serch-jhai · ‎2023-01-16

como solucionaste siempre tu error (00362) ?

_Val_ · ‎2023-01-16

@serch-jhai please be advised, English is the language of this board. Questions in Spanish can be asked here: https://community.checkpoint.com/t5/Espa%C3%B1ol/bd-p/spanish

_Val_ · ‎2023-01-16

@serch-jhai Please look into sk175503

chen_jingwen · ‎2024-02-16

I solved the problem by deleting one of the expired certificates called in sslvpn

DorianGrey · ‎2024-05-27

Dear Chen, can you please advise how you managed to delete the expired certificate called in sslvpn?
I am facing the same issue with two 1570 appliances and I am stuck..!

G_W_Albrecht · ‎2024-05-27

You better open an SR# with CP or try one of the workarounds i wrote about:

- take notes / screenshots for all settings configured

- either use a fresh appliance, same model, configure from source above, take a backup and restore it to the SMB showing the issue, or Restore factory default settings and freshly configure it from source above

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Are you a member of CheckMates?

sk100610-Error has occurred while applying the Firewall settings (error 00351)