Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Dayaana
Participant
Jump to solution

Gaia Portal doesn't open after installing hotfix

Hi!

I'm currently learning checkpoint and I've run into a problem. I tried to install the jumbo hotfix update on gateway and the installation failed due to insufficient space. The update was downloaded but the installation failed. I later allocated additional space using lvm_manager and was able to install the update via Gaia Clish. However, after that I can't access Gaia Portal.

This gateway is in a cluster and at first I thought the problem was with the cluster or network settings. However, then I remembered that the problems started after a failed upgrade.

Ping to this gateway works, port for connecting to Gaia Portal is 443.

If this is the case, can someone tell me how to solve this please? Any advice would be greatly appreciated!

1 Solution

Accepted Solutions
Dayaana
Participant

Thank you all very much for your help! I think I found a solution. Gaia portal started working after copying a non-empty httpd-ssl.conf.templ file from a working gateway and creating a ssl_mutex directory according to https://support.checkpoint.com/results/sk/sk180829 and https://support.checkpoint.com/results/sk/sk127792

View solution in original post

7 Replies
the_rock
Legend
Legend

Of course, we are always here to help you.

Some questions, things to check...

1) from clish, can you run -> show web ssl-port

2) what does portal tab show when you edit cluster object in smart console?

3) When you try log into Gaia, what is the message?

4) Did you try change the port and test?

Happy to do remote and check, if you are allowed to.

MAKE SURE fw is not running initial policy or default filter, which would block everything (default filter one that is, initial would allow ssh and web UI, but ONLY port 443). Just run fw stat command from expert mode.

Alternatively, you can try below from clish.

set web daemon-enable off

save config

set web daemon-enable on

save config

Then test again.

Andy

Dayaana
Participant

Thank you very much for your reply!

I checked these settings.

1) Output for this is web-ssl-port 443
2) Portal tab shows just internal VIP without any port
3) When I go to the gateway page the browser says that the page cannot be opened
4) No, I didn't. Should I try or shouldn't?

fw stat output shows current date of policy.

I also tried changing the daemon-enable settings, but it didn't work.

What should I do to improve the situation?

the_rock
Legend
Legend

Yes, I would try 4 and see. If you can do remote, let me know.

Andy

PhoneBoy
Admin
Admin

What version/JHF were you on previously and what JHF did you apply?
What happens if you uninstall the hotfix you attempted to install?

Dayaana
Participant

Thank you all very much for your help! I think I found a solution. Gaia portal started working after copying a non-empty httpd-ssl.conf.templ file from a working gateway and creating a ssl_mutex directory according to https://support.checkpoint.com/results/sk/sk180829 and https://support.checkpoint.com/results/sk/sk127792

PhoneBoy
Admin
Admin

The lack of those things would definitely cause the issues you were experiencing.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events