This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Kaspars_Zibarts
Employee Employee
Employee
‎2022-09-07 03:19 AM

SNMPv3 and Captive Portal not working after VSX backup restore R80.40 T139

Just wanted to share our unfortunate experiences with 23800 appliance that decided to die this weekend.

Actual RMA process went quite smooth and we installed the new box and even backup restore procedure was smooth sailing. All looked great till we got to last couple of "minor" checks - SNMP functionality and IA Captive Portal. 

SNMPv3 issue. 

We were able to poll VS0 but polling other VSes ended up in no response message. Many hours of troubleshooting including this article https://community.checkpoint.com/t5/Security-Gateways/R80-40-snmpv3/m-p/91926# led to nothing. Eventually we worked out that 

/etc/snmp/vsx-proxy/snmpd.vsx.proxy.conf

file was empty after backup restore. Which is actually responsible for internal SNMP comms between VS0 and other VSes. Checking backup archive we can see that all files from that directory are actually missing. Seems a bug to me. Solution was to copy same file from the other node in the cluster.

Captive Portal

We do use IA a lot and Captive Portal is fairly essential. It was "dead" after backup restore. The idea from SNMP fault led us to check relevant directories in backup archive and both were missing or empty!

/opt/CPsuite-R80.40/fw1/nacportal/wrapper/*

/opt/CPNacPortal/*

Attempted a manual copy as per https://community.checkpoint.com/t5/Security-Gateways/IA-Captive-Portal-missing-after-upgrade-to-R80... but unfortunately it did not help. Still no solution and TAC case open. Will update here once we have it.

Sorry guys but I wanted to tag you here as you helped in past! @Adi_Babai and @Royi_Priov 🙂

If you have used VSX backup restore - let us know if it went ok for you!

 

Labels
0 Kudos
2 Replies
Wolfgang
Authority
Authority
‎2022-09-07 07:35 AM

@Kaspars_Zibarts really great findings.

In the past we had the same problem with SNMPv3 after a restore of a failing node in a VSX-cluster. After long time and a lot of long running sessions with TAC we give up and did a fresh install of the system and vsx_util reconfigure.... Everything was fine after these procedure.

0 Kudos
Kaspars_Zibarts
Employee Employee
Employee
‎2022-09-07 07:49 AM
In response to Wolfgang

@Wolfgang now you have a solution! 🙂 

But yes - normally I would do manual re-build, this was actually first time I gave it a go, I mean backup restore and I was pleasantly surprised! It actually saved a lot of hassle - doing vsx_util, fwkern.conf, affinity, MQ, licenses, IA settings - all got carried over actually.

Of course we lost a lot of hours troubleshooting two above and in hindsight I probably would have had 100% results in old school way 🙂 but still, some of us should dare and report! 🙂 then it will get better

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events