This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
nmelay
Collaborator
‎2022-10-10 10:31 AM

Check Point 6700 believes it's a 3800

Hi,

We received a pair of new 6700 appliances today.
Out of the box, on R81, we were unable to get the Mgmt or eth1 interface working.
Switching to R80.40 on the boot menu failed (automatic reboot during boot).
Updating the system with ISOmorphic failed (same).
We were able to manually update to R81.10 from USB, but the network issue remained.

Then I realized that there was a problem with the network interface naming.
The logical Mgmt interface was actually mapped to the eth1 physical port, and some interface names had the "_rename" suffix attached to them.

gw-c0571d> show interfaces
Mgmt
eth0
eth1
eth2
eth3
eth4
eth5
eth6
eth7
eth8
eth9
eth10_rename
eth11_rename
eth12
lo
gw-c0571d> 

We were then able to get a working WebUI... only to discover that the appliance model displayed is "3800".
"dmidecode -t system" still shows its SKU is QM-15, which mean its a 6700 appliance indeed (phew) as per sk37692.

The appliance model misdetection seems to be the cause to the network interface mismatch, as the interface count and naming on a 3800 is not the same, and makes the onboot interface rename fail.

It seems like in this modern world, Check Point appliances won't accept the model that was "assigned" to them...

Does this look like a known issue?
Is there an easy fix for this?

NB: Before you ask, this was raised to TAC, remote session scheduled for tomorrow.

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2022-10-10 12:12 PM

Yeah, this is definitely TAC case territory.

For R80.40, you need a special image linked here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
R81/R81.10 should use the standard image...and I would expect a 6700 should be detected properly.
You can try this procedure, but it's for Open Servers: https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&so... 

0 Kudos
nmelay
Collaborator
‎2022-10-10 04:59 PM
In response to PhoneBoy

We used the generic R81.10 Take 335 image, which as you said is supposed to detect 6700's properly.

The Open Servers interface rename procedure won't work indeed, and sk97446 explains the udev rules file used for interface (re-)naming is selected according to the appliance model.

Which brings us back to the wrong appliance model being detected/selected.

What really worries me is we both have issues with the installed system and are unable to boot on a new ISO.
Oh well, we were also unable to boot on the factory reset partitions, or the diagnostics partition.
Smells like RMA.

0 Kudos
the_rock
Legend
Legend
‎2022-10-10 06:01 PM
In response to nmelay

Agree 100% with you, definitely "smells" like RMA.

0 Kudos
_Val_
Admin
Admin
‎2022-10-17 04:00 AM

Just curious, what is your current status with this?

0 Kudos
nmelay
Collaborator
‎2022-10-18 12:17 PM
In response to _Val_

TAC is still working on it, but this got nowhere so far.
We've been told one other customer hit the same issue.

We asked for a RMA, waiting for the delivery.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events