Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Steve_Payne1
Contributor

remove proxy config

we used to get all ips  and other updates via a proxy,

 

we are decommissioning these but the mgmt  boxes are still going to proxy for signature checks

where in the CLI can i find where the proxy setting has stuck, even though its turned off in gui and smartconsole

this is for R81

thanks

sigcheck.checkpoint.comBlocked72.247.177.81
sigcheck.checkpoint.comBlocked72.247.177.81
sigcheck.checkpoint.comBlocked72.247.177.81
sigcheck.checkpoint.comBlocked72.247.177.81
sigcheck.checkpoint.comBlocked72.247.177.81
sigcheck.checkpoint.comBlocked72.247.177.81
sigcheck.checkpoint.comBlocked72.247.177.81
0 Kudos
5 Replies
Chris_Atkinson
Employee Employee
Employee

Did you check all areas of SmartConsole including the object itself and global properties?

Menu > Global Properties > Proxy
Object > Network Management > Proxy

clish > show proxy

 

After the change does the issue persist even following a cpstop/cpstart or reboot?

 

CCSM R77/R80/ELITE
0 Kudos
jgriffiths
Explorer

Hi Chris,

I work with Steve and I've been looking into this issue. We've checked all proxy configuration on the appliances themselves and also via SmartConsole, all of which don't have the proxy settings configured. The appliances/management platforms have been rebooted following the removal of the proxy configuration.

I've identified the proxy configuration remains under the ics_configuration > signature > updates > proxy_address of the management platform database - this was identified with GuiDBedit.

From what I understand this section is applicable for threat prevention signature updates. We're in the process of decommissioning our proxies and having the proxy configured may cause us a problem once they've been turned off.

Are you able to confirm whether my understanding is correct? i.e. signature updates will cease once the proxies are turned off, and also whether we can use GuiDBedit to remove the proxy configuration?

Thanks,

0 Kudos
GMynott
Explorer

Hello there,

We have noticed the same issue with our appliances and management server.
Recently removed the proxy configuration via Clish, SmartConsole, and Global Properties, however some connections are still using the proxy.

Via GuiDBEdit I found the following setting still configured with the proxy:
- Managed Objects > asm > ProductVPN1PRO > fdt_proxy_address
- Other > content_security > Global_EDGE_Settings > signature_updates > proxy_address
- Other > content_security > Global_AV_Settings > signature_updates > proxy_address
- Other > ics_configuration > Global_ICS_Settings > signature_updates > proxy_address
- Other > uf_policy > Global_UF_DB_Updates_user_modified > proxy_address

@jgriffiths did you manage to resolve this by editing the database?
@Chris_Atkinson is editing the database the preferred way to fully remove the proxy?

Cheers

0 Kudos
jgriffiths
Explorer

Hi, the config still exists in the DB, we were advised against directly editing the database if possible. We were able to confirm the Gateways/Management servers were able to reach the required FQDN using curl

curl_cli sigcheck.checkpoint.com:80 -v

You should get a response like the below

Connected to sigcheck.checkpoint.com (72.247.177.160) port 80 (#0)

Even though the proxy config remains its not in use. The proxies are no more and it still works.

Cheers,

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Please work with TAC to address, generally editing the database in such a fashion is otherwise unsupported.

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events