This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
NCSJuanKoon
Participant
a week ago

SIC failed - error 111

Hi Forum,

Just wondering if anyone got any insights for issue faced.

we are doing tech refresh for checkpoint gateway and when trying to establish SIC with smart-1.

error shows error no 111

 

we are unable to establish SIC with smart-1.

telnet <ip> 18191 and ping works from GW to Smart-1 

 

Thank you

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee
a week ago

Per sk67420 have you confirmed there are no MTU issues between management and the gateway?

CCSM R77/R80/ELITE
0 Kudos
NCSJuanKoon
Participant
a week ago
In response to Chris_Atkinson

Hi Chris,

 

Yes , shouldnt be an issue as this is a tech refresh and everything is as per the same as existing configuration with no changes.

 

0 Kudos
HeikoAnkenbrand
Champion Champion
Champion
Saturday

To resolve the "SIC failed - error 111" issue, follow these steps:

1. Check Network Connectivity: Ensure there is proper network connectivity between the Security Management Server and the Security Gateway. You can use the ping command to verify this.


2. Verify MTU Settings: The error might be due to MTU size issues. Discover the correct MTU size on the path between the Security Management Server and the Security Gateway. Use the ping command with the "Don't Fragment" flag to find the appropriate MTU size:

  • On Gaia/SecurePlatform OS:
    [Expert@HostName]# ping -s Size_in_Bytes -M do -c 4 -n Target_IP_address

  • On Windows:
    ping -l Size_in_Bytes -f Target_IP_address

Start with Size_in_Bytes=1500 and decrease until the pings succeed.

 

3.  Adjust MTU Size: Once you determine the correct MTU size, adjust the MTU settings on the relevant interface of the Security Management Server or Security Gateway to match the lowest MTU value on the path.

4. Re-establish SIC: If the above steps do not resolve the issue, you may need to reset the SIC. This should be done as a last resort, as it temporarily disrupts communication between the Security Management Server and Security Gateways. Follow the steps in sk65764 - How to reset SIC.

5. Check Time Synchronization: Ensure that the time, date, and time zone are synchronized between the Management Server and the Security Gateway. Use the /bin/date -u command to verify UTC/GMT time.

 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events