Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Carlos_Jara
Contributor
Jump to solution

Identity collector unstable with error - sk113021 and password is ok

Hi,

We are detecting that Identity collector unstable with error - sk113021 and password is ok.

We change the identity collector server keys in the smartconsole (checkpoint cluster), apply policies, and then reconnect. After a few hours the error occurs again (error - sk113021).

Could you help me?

fallo 01 - 23-12-2022_21-09-58.jpgfallo 02 - 23-12-2022_21-11-02.jpg

 

 

fallo 03 - 23-12-2022_21-11-02.jpg

 

0 Kudos
1 Solution

Accepted Solutions
Carlos_Jara
Contributor

Hi,

SOLVED!!!!

The root problem was on self signed certificate in the cluster, we update de certificate with one valid certificate in "Platform Portal" + Regenerate Keys (Ientity Collector) + Install Policy + Trust new certificate in Ientity Collector Server  ... and finaly it's WORKS. 

Many thank's for your help!

 

View solution in original post

7 Replies
the_rock
MVP Gold
MVP Gold

Did you ensure connectivity is there between the server and the fw? Also, is option for "all interfaces" selected as defined in the sk?

Andy

Best,
Andy
0 Kudos
Carlos_Jara
Contributor

Hi,

Connectivity  between the server and the fw is ok and option for "all interfaces" is selected as defined in the sk.

any other idea?

 

0 Kudos
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP

Out of interest which version of identity collector agent is used here?

CCSM R77/R80/ELITE
(1)
Carlos_Jara
Contributor

We are trying with two servers with this versions --> 81.035 Y 81.040

VERSION ID COLLECTOR  02  - 24-12-2022_23-35-55.jpgVERSION ID COLLECTOR  01  - 23-12-2022_21-11-02.jpg

the_rock
MVP Gold
MVP Gold

Can you run pdp idc status and pdp connections idc commands on the firewall?

Best,
Andy
(1)
Carlos_Jara
Contributor

Hi,

This is the result!

[Expert@fwcdg02:0]# pdp idc status
Identity Collector IP: 10.192.199.214
Identity Sources:
No information about identity sources


[Expert@fwcdg02:0]# pdp connections idc

Number of IDCollector sessions: 1
------------------------------------------------------------------------------------------------------------
# IP Number of events Shared secret status Last Event
------------------------------------------------------------------------------------------------------------
1 10.192.199.214 46541 Valid No events received in the last hour

 

 

I attach you Identity Collector Server Trace (ia_ag*.logs)

 

0 Kudos
Carlos_Jara
Contributor

Hi,

SOLVED!!!!

The root problem was on self signed certificate in the cluster, we update de certificate with one valid certificate in "Platform Portal" + Regenerate Keys (Ientity Collector) + Install Policy + Trust new certificate in Ientity Collector Server  ... and finaly it's WORKS. 

Many thank's for your help!

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events