This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ronald_Canchica
Explorer
Explorer
‎2019-02-22 05:12 AM

Threat Emulation blade don´t connect to Checkpoint Cloud

Dear, 

I'm trying to implement Threat emulation Blade in Chassis 64k, Especifically in one VS. I followed the steps by sk111405. But as I´m implementing ThreatCloud environment, I didn´t follow the step "7. Perform an Offline Update of the Threat Emulation Engine.".  

When I finished this implementation, VS object in the smartconsole showed next Error message:

Error: Update failed: The Security Gateway cannot download the file.The Security Gateway cannot connect to the Internet. We recommend that you check the network connection and proxy settings

My SMS have R80.10 version. I already checked Internet Connectivity of my VS and SMS. 

I would like to know if is there something that I am missing?

I appreciate your help.

Thanks,

3 Replies
Daniel_Taney
Advisor
‎2019-02-22 05:27 AM

Did you check connectivity from vs0? I'm not 100% positive, but I think updates and check-in communications originate from vs0 and not from the vs directly running the blade.

R80 CCSA / CCSE
0 Kudos
Ronald_Canchica
Explorer
Explorer
‎2019-02-22 05:50 AM

Yes, I already tested it. I also have in the VS inside chassis many blades activated, all of them are working and making update everytime. 

I also enabled Threat Emulation Blade on VS0, although I don´t know if it is necessary, and it showed me the same Error message of VS1.

0 Kudos
Daniel_Taney
Advisor
‎2019-02-22 08:21 AM
In response to Ronald_Canchica

When you say you already checked Internet connectivity, do you mean that you specifically tested connectivity to Check Point services? or just the Internet in general? If just the Internet in general, have you seen or tested this sk article? If you run some curl_cli tests, do you see them passing all the way through? I have an environment with multiple layers of Firewalls between it and in the Internet and had to write explicit rules in those other Firewalls to accommodate the implicit rules allowed in others. 

This also may seem like a strange question, but do you use Geo-location enforcement? If you do, I've seen issues post R80.10 where the Gateways try to reach "c12resolver.ctmail.com". It appears that Check Point's Geo-IP Database places this IP in Hong Kong; which we block. I had to put Geo exceptions in for 103.5.198.210 and 84.39.153.31. The function of those IP's is explained in this sk, but not under the context of the connections failing. 

Since it says this is intended for URL Filtering, it may not be related to your issue at all. But I suppose couldn't hurt to check whether connections to this IP's are being blocked. 

R80 CCSA / CCSE

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events