- Products
- Learn
- Local User Groups
- Partners
-
More
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
IDC Spotlight -
Uplevel The SOC
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Hello guys,
I would like to deploy redundant MDS (Provider-1) inside my LAB. First (Active) Multi-Domain Management Server is already up and running well (with some CMAs on it).
Now, I need to add second (standby) Multi-Domain Management Server to be synchronized with the Active one.
For that purpose, I did fresh installation of R77.30 and select Secondary MDS during First Time Wizard.
In addition, I already applied exactly the same hotfixes as on Active one, (just latest Jumbo hotfix for R77.30) so both MDSs have the same hotfixes/versions.
Both MDSs should have valid (eval) licenses.
Time and Date on both MDSs is the same.
From Active MDS I have created new Multi-Domain Server, established the SIC and now I am fighting with this strange error during synchronization process:
I noticed that CPCA is shown as DOWN :
Also the strange issue is that I even cannot connect to the secondary MDS via SmartDomain Manager, and cannot add new user, nor new GUI client:
Of course I tried reboot of both machines.
Do someone of you have some clue what is going on here ?
Thank you very much for any comment.
ThanksKaspars Zibarts and Aleksei Shelepov for your effort and time.
You gave me idea to remove one specific CMA from Primary MDS (which was imported).
After removal of this problematic CMA, synchronization was finally completed !
Never seen it myself and labs always had worked for me but CPCA is definitely the clue. Maybe some hints here
"Failed to update Internal CA DB" error on synchronization failure in Management HA configuration
Looks like the right SK, although for a different version:
No communication with the Secondary MDS after creating its object
ThanksKaspars Zibarts and Aleksei Shelepov for your effort and time.
You gave me idea to remove one specific CMA from Primary MDS (which was imported).
After removal of this problematic CMA, synchronization was finally completed !
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY