Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Prabulingam_N1
Advisor

Threat Emulation Environment selection of Images - issue

Dear All,

One of our customer have TE1000x dedicated appliance in Gaia R77.30. Mgmt server in R80.10 with Clusters as well.

Since no internet connectivity for TE Appliance - we have manually downloaded the images (WinXP,Win7 etc) and followed as per sk92509.

Engine version is fine, with tecli show advanced downloads images - Image status shows "READY".

In TEAppliance Object_GeneralProperties_under ThreatEmulation Tab_Advanced - Under Image management - we could see the manually downloaded images (attaching screenshot).

We have TE Policy_Custom_Optimized.
Under this Profile -ThreatEmulation_Advanced -Emulation Environment - Unable to see manual images.


ted is fine. No update failure on TEengine.

Got Tracker log error: Emulation ended with errors:File was not emulated on some of the operating systems. reason: File emulation is configured to emulate on the Recommended Environment. The Recommended Environment is not available because it is downloading or initializing

No luck even after installing TP policy on TE Appliance.

Any idea to help out.


Regards, Prabulingam.N

8 Replies
Sagar_Manandhar
Advisor

hi,

can you look for TE status in Smart monitor whether it is show all status of the OS is ready or not.

Regards,

Sagar

0 Kudos
Prabulingam_N1
Advisor

Dear Sagar,

Yes, TE status is fine and the Images were showing "READY" which was Offline downloaded.

I suspect that since the Mgmt server did not have Internet access, the R80.10 Console is not able to fetch the images eventhough those images were available in Appliances.

And hence the ThreatPolicy on the appliance with this Recommended environment (which is Online) is making failure for Emulation process.

I have raised case with TAC, awaiting further.

Regards, Prabulingam.N

0 Kudos
Sagar_Manandhar
Advisor

Dear Prabulingam,

Since you have manually uploaded the image there may have been issue with the gateway. There should be dlp folder in the gateway.

you can follow sk104321 in case there is no such folder in gateway ($FWDIR/tmp/dlp). DLP folder store the file temporarily for forwarding to the emulation appliance.

Regards,

Sagar Manandhar

0 Kudos
Thomas_Werner
Employee Alumnus
Employee Alumnus

The Mgmt Server needs internet access (directly or via proxy) to populate the TE file types and image list.

If there is absolutely no way to get internet access for the Mgmt ther is a way to update the info via copying XML files - but this is not the recommended way because you will miss updates.

Regards Thomas

0 Kudos
Prabulingam_N1
Advisor

Dear Thomas,

Yes , I got the same reply from TAC and I also doubted it.

Probably customer might provide internet connectivity to Mgmt/FW/TE appliance via proxy towards CheckPoint Cloud servers.

Let me await if any progress on this.

Regards, Prabulingam.N

0 Kudos
Christian_Berc1
Explorer

Hi,

I've the same issue. Before upgrading to R80.20. TE images were displayed in the TE profile. The TE appliance has Internet access via proxy and everything seems ok. Mails with attachments are well emulated.  I think I've to open ticket to TAC.

Best regards

Christian

0 Kudos
Christian_Berc1
Explorer

Hello again,

I confirm, it's an Internet Issue from the Management server or CMA. I configured the proxy in the Global Properties and now it works fine. All images are displayed in the profile TE

Best regards

Christian

0 Kudos
Prabulingam_N1
Advisor

Good to hear Friend, with Internet connectivity it gets resolved,

Rg,Prabu

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events