This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LuisTR
Participant
‎2022-03-11 12:11 PM

Security Zone object are not attached to any interface

My client has deployed a ClusterXL R81.10 Load Sharing, with Take_22. Its policies manage it with Zones through Inline Layer, and so it was working perfectly. And each vlan or subinterface of the Firewall is attached with a Security Zone.

interface_security_zone.png

rules.png

 

Over time, a new vlan or subinterface (bond2.12) attached to the Security Zone called "DesktopVirtuales_SegNvl" was added where, when policies are installed, there is an installation error indicating that the zone is not attached to any interface.

installation_error.png

error_message.png

 

Here we can see that the "DesktopVirtuales_SegNvl" zone is attached to the bond2.12 vlan or subinterface.

vlan_subinterface.png

 

Does anyone know how to fix this error?

Regards

0 Kudos
7 Replies
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2022-03-11 05:19 PM

Hi Luis,

Two suggestions for you:

1. Please review sk177129 to see if it helps with your scenario

2. Attempt to disable accelerated policy install temporarily per sk168055

CCSM R77/R80/ELITE
the_rock
MVP Platinum
MVP Platinum
‎2022-03-12 03:47 AM
In response to Chris_Atkinson

I find solution in that sk very odd for this issue...would not workaround described simply cause a failover from dashboard??

Best,
Andy
0 Kudos
LuisTR
Participant
‎2022-03-14 07:46 AM
In response to Chris_Atkinson

Thanks for your response Chris. Regarding your suggestions:

1. Does not apply to my client's scenario.

2. I couldn't validate said sk168055 but I'll keep it in mind.

 

I was able to perform a kind of workaround or artifice to be able to temporarily solve the problem of installing policies.

What I did was:

- Disassociate or remove the Security Zone check "DesktopVirtuales_SegNvl" from the bond2.12 subinterface.

Screenshot_2.png

 

Then just Post. And then I re-attached it or placed the Security Zone check.

Finally, I published and installed policies. And it was installed successfully.

 

But it seems that this policy installation problem occurs every so often.

Does anybody know what is it due to?

What could be a definitive solution?

0 Kudos
Marcel_Gramalla
Advisor
‎2022-03-14 08:20 AM
In response to LuisTR

Is this error only happening on accelerated installs? I already said that if this is the case you can get a hotfix for that as this is a bug on the management server. You can open a support case and request a fix for that or just wait a few months to get that fixed (not yet included in Ongoing Take 38). The bug id to look at is: PRHF-22326 (I hope I'm allowed to share that).

LuisTR
Participant
‎2022-03-14 09:05 AM
In response to Marcel_Gramalla

Hi Marcel, thanks for your reply.

Yes, the policy installation is an accelerated installation.

So, is it a bug of the Security Management Server but not of the Security Gateway?

Is there public information with the bug id  PRHF-22326?

 

0 Kudos
Marcel_Gramalla
Advisor
‎2022-03-14 09:08 AM
In response to LuisTR

Correct, the hotfix we received is for the management. There is no public info yet as from searching the knowledgebase. 

Marcel_Gramalla
Advisor
‎2022-03-12 02:04 AM

If this is only happening with an accelerated policy install there is a private hotfix available for the management server. 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events