This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Crzcarlo
Participant
‎2020-09-28 05:30 AM
Jump to solution

Tunnel goes periodically down, LAN interfaces flap

Hi everyone,

we have deployed a 1590 (R80.20.01) a few moths ago and since the beginning we are experiencing an issue: every other weekend the tunnel between this branch office and the HQ goes down. It happen on Saturday or Sunday, mostly between 4 and 7 PM.

The only way for re-establish the tunnel is to reboot the CP 1590 on site. The 1590 appliance is connected to a switch and router, and during the absence of the tunnel the switch log reports the flapping of 4 interfaces connected to PCs (not used during the weekend) but not the one connected to the CP 1590, while the router log reports the flapping of the interface connected to the CP 1590.

In both cases the interfaces are flapping both link and protocol.

Since the CP 1590 is restarted, we don't have the log, so I would like to know if on the SmartConsole there is a way to check the system log of this branch device. Furthermore I would like to understand if this is a known issue and if something external could be the cause for this behavior.

 

Thank you so much

 

Carlo

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2020-09-30 05:09 PM
Jump to solution

First of all, I recommend making sure you are on the latest firmware, which as of this writing is: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

Second, it might not be a bad idea if you configure the device to send syslog message to a syslog server that can store the log messages for longer than the limited storage of the 1590 allows.
This should aid in current and future troubleshooting.
Meanwhile, you should be able to see what's available (if anything) in /var/log/messages or similar via expert mode.

View solution in original post

5 Replies
PhoneBoy
Admin
Admin
‎2020-09-30 05:09 PM
Jump to solution

First of all, I recommend making sure you are on the latest firmware, which as of this writing is: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

Second, it might not be a bad idea if you configure the device to send syslog message to a syslog server that can store the log messages for longer than the limited storage of the 1590 allows.
This should aid in current and future troubleshooting.
Meanwhile, you should be able to see what's available (if anything) in /var/log/messages or similar via expert mode.

G_W_Albrecht
Legend Legend
Legend
‎2020-10-02 03:14 AM
Jump to solution

Maybe just try sk167876: Jumbo Hotfix Accumulator for SMB R80.20.05 ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Crzcarlo
Participant
‎2020-10-02 03:24 AM
In response to G_W_Albrecht
Jump to solution

First of all, thank you both @PhoneBoy  and @G_W_Albrecht .

I just implemented a syslog server dedicated for this device for having an insight of what happens during the issue. I also planned to upgrade the firmware ad I noticed that the last release is R80.20.10 (16-Jul-2020), is there a particular reason to opt for the R80.20.05 Jumbo? Since the lattes was released on 05-Jul-2020, I thought that the .10 should contain those fixes.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2020-10-02 04:19 AM
In response to Crzcarlo
Jump to solution

CP policy is to install the latest firmware. On the other hand, if i do not need the additional features of .10, the .05 Jumbo should resolve most issues with that version. At least you do have two possibilities to proceed...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Crzcarlo
Participant
‎2020-10-19 02:50 AM
In response to G_W_Albrecht
Jump to solution

Finally, I decided to upgrade the firmware to the latest version (R80.20.10) and during these two weeks there was no problems, so it seems to be solved.

Thank you everyone!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events