- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- Re: Gaia Portal doesn't open after installing hotf...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Gaia Portal doesn't open after installing hotfix
Hi!
I'm currently learning checkpoint and I've run into a problem. I tried to install the jumbo hotfix update on gateway and the installation failed due to insufficient space. The update was downloaded but the installation failed. I later allocated additional space using lvm_manager and was able to install the update via Gaia Clish. However, after that I can't access Gaia Portal.
This gateway is in a cluster and at first I thought the problem was with the cluster or network settings. However, then I remembered that the problems started after a failed upgrade.
Ping to this gateway works, port for connecting to Gaia Portal is 443.
If this is the case, can someone tell me how to solve this please? Any advice would be greatly appreciated!
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you all very much for your help! I think I found a solution. Gaia portal started working after copying a non-empty httpd-ssl.conf.templ file from a working gateway and creating a ssl_mutex directory according to https://support.checkpoint.com/results/sk/sk180829 and https://support.checkpoint.com/results/sk/sk127792
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Of course, we are always here to help you.
Some questions, things to check...
1) from clish, can you run -> show web ssl-port
2) what does portal tab show when you edit cluster object in smart console?
3) When you try log into Gaia, what is the message?
4) Did you try change the port and test?
Happy to do remote and check, if you are allowed to.
MAKE SURE fw is not running initial policy or default filter, which would block everything (default filter one that is, initial would allow ssh and web UI, but ONLY port 443). Just run fw stat command from expert mode.
Alternatively, you can try below from clish.
set web daemon-enable off
save config
set web daemon-enable on
save config
Then test again.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much for your reply!
I checked these settings.
1) Output for this is web-ssl-port 443
2) Portal tab shows just internal VIP without any port
3) When I go to the gateway page the browser says that the page cannot be opened
4) No, I didn't. Should I try or shouldn't?
fw stat output shows current date of policy.
I also tried changing the daemon-enable settings, but it didn't work.
What should I do to improve the situation?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, I would try 4 and see. If you can do remote, let me know.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What version/JHF were you on previously and what JHF did you apply?
What happens if you uninstall the hotfix you attempted to install?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you all very much for your help! I think I found a solution. Gaia portal started working after copying a non-empty httpd-ssl.conf.templ file from a working gateway and creating a ssl_mutex directory according to https://support.checkpoint.com/results/sk/sk180829 and https://support.checkpoint.com/results/sk/sk127792
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FANTASTIC JOB!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The lack of those things would definitely cause the issues you were experiencing.