Hello,
I need to collect logs from gateways running on R81.20 as we encounter a problem after upgrading to R81.20 (the gateway is authenticating the user, but it only pulls the "All users" group, not all the groups the user is part of). FW security policies based on Access roles fail. Anyone else?
I had a meeting earlier today with a TAC engineer; he was able to gather the debug logs from one gateway. He's off shift, so I have to collect debug & logs from another gateway. When I run the same commands on another gateway (R81.20 JHA T38 // 3800 series), I get the following:
[Expert@pcpfw04:0]# pdpd debug on
fwasync_create_socket_bindopt: failed to bind to a reserved port: Address already in use
[Expert@pcpfw04:0]# pdpd debug status
fwasync_create_socket_bindopt: failed to bind to a reserved port: Address already in use
[Expert@pcpfw04:0]# pepd debug on
Unable to open '/vs0/dev/fw6v0': Connection refused
Any idea what I'm doing wrong?
Full debug list for IA - just to have it at hand
Updated commands as per the official guide, pdp debug (checkpoint.com)
#Enable debugs:
#=================
pdp debug on
pdp debug set all all
pep debug on
pep debug set all all
echo "======DEBUG_START======" >> $FWDIR/log/fwd.elg
fw debug fwd on TDERROR_DBG_OPT=time,host,prog,topic,pid,tid
fw debug fwd on TDERROR_ALL_ALL=5
fw debug fwd on OPSEC_DEBUG_LEVEL=3
NOW CONNECT IA AGENT
#Disable debugs:
#==================
fw debug fwd off TDERROR_ALL_ALL=0
fw debug fwd off OPSEC_DEBUG_LEVEL=0
echo "=======DEBUG_STOP======" >> $FWDIR/log/fwd.elg
pdp debug off
pep debug off
pep debug reset
++ tcpdump -nei to save pcap with connections between the gateway and LDAP.
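
The DEBUG_START / DEBUG_STOP markers echoed into fwd.elg above make it possible to cut just the reproduction window out of the log before handing it to TAC. The following is an added example, not part of the original post: the function names and the sample log lines are constructed for illustration, and it assumes you run it against a copy of fwd.elg.

```shell
#!/bin/sh
# Added example: extract the marked debug window from a copy of fwd.elg.
# The marker strings are the ones echoed by the procedure above; the
# function names and sample lines are hypothetical.

# extract_debug_window FILE
# Prints the lines between the LAST DEBUG_START marker and the first
# DEBUG_STOP marker that follows it. Exit status:
#   0 = complete window, 1 = no START marker, 2 = START without STOP
extract_debug_window() {
    awk '
        /DEBUG_START/ { n = 0; inwin = 1; seen = 1; closed = 0; next }
        /DEBUG_STOP/  { if (inwin) { inwin = 0; closed = 1 }; next }
        inwin         { buf[++n] = $0 }
        END {
            for (i = 1; i <= n; i++) print buf[i]
            if (!seen)   exit 1
            if (!closed) exit 2   # debug was never switched off
        }
    ' "$1"
}

# write_sample FILE
# Writes a constructed log with two debug runs, so the "last window
# wins" behaviour can be checked offline.
write_sample() {
    cat > "$1" <<'EOF'
constructed line before any debug
======DEBUG_START======
constructed line 1 (earlier run)
=======DEBUG_STOP======
constructed noise between runs
======DEBUG_START======
constructed line 2
constructed line 3
=======DEBUG_STOP======
constructed line after debug
EOF
}

# Stand-alone use: sh script.sh /path/to/copy-of-fwd.elg
if [ "$#" -gt 0 ]; then
    extract_debug_window "$1"
fi
```

An exit status of 2 means the log has a start marker with no stop marker after it, which is worth checking on a production gateway because it suggests the debug flags were left enabled.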