Solved: Re: After Upgrading the Management Server to R80.4...

ProxyOps · ‎2020-04-21

Hello,

we upgraded our Open Server from R80.20 to R80.40 and installed the ongoing take 25.

On the R80.40 SmartConsole we tried to install a hotfix central with the new feature on a R80.20 Cluter-XL (Cluster-XL Active-Passiv) Take 141.

We tried to install the hotfix centraly following the R80.40 Security Management Documentation "Central Deployment of Hotfixes".

We receive inside the opening window a error message from our proxy:

"Service Unavailable

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later."

Also you can see on the SmartConsole, that the Recommended Jumbo stays on "N/A".

We verified already our proxy connection from Management and the R80.20 Security Gateway cluster. All tests were successfully we can download hotfix from checkpoint cloud etc. We also followed sk83520 and all tests were successfully for both the Gateway Cluster and the Open Management Server.

Can somebody help with this problem ?

Kind regards

Niklas

Boaz_Orshav · ‎2020-04-29

Hi

Central Deployment using the Smart Console has a limitation and it will not function when there is a proxy between the Smart Console and the Management Server.

We are checking how to overcome this limitation and in the meantime we shall update the documentation to clarify it.

Thanks and sorry 😞

Boaz

View solution in original post

PhoneBoy · ‎2020-04-23

Have you opened a TAC case?

ProxyOps · ‎2020-04-23

No I didn‘t.

The documentation regarding this Feature is very limited.

I will open a case when I have some time. As this Feature is „only“ a nice to have for us, and it is really not top priority for us right now.

So I thought, lets ask here for some Good ideas.

When nobody can help with the Problem here, I will raise a case later for sure

Tsahi_Etziony · ‎2020-04-24

Hey @ProxyOps,

Which version and Jumbo runs on the GW?

Since this feature is relatively new, and was released after the release of R80.20 and R80.30, it requires a minimum Jumbo version to be installed on the GWs if they run versions prior to R80.40, so they will report their recommended Jumbo to the SmartConsole. But even without the choosing the recommended Jumbo, you can still install a specific Jumbo on the GWs from SmartConsole.

ProxyOps · ‎2020-04-24

Hi @Tsahi_Etziony ,

on the GW run R80.20 Take 141.

So this shouldn't be a problem.

No installing a specific jumbo via smartconsole also doesn't work currently.

When I try to install a hotfix on smartconsole via Select Gateway -> Actions -> Install Hotfix a new window is opening inside the smart console. It looks like the smartconsole is trying to open a https connection to the Management Server. But I receive a error message as described in my first post.

So it looks like the smart console is trying to connect to the Management Server via https and is getting an error.

I would try to find out more but I was not able to find a document that explains the traffic flow and why the smart console is is failing to connect to the management server

I guess this is caused by the same problem, why also Recommended Jumbo stays on "N/A".

I would require more information, about what happens when I press the "install hotfix" button and how the recommended Jumbo display is working.

For your Information, "Recommended Updates" is working perfectly fine for gateway and management.

I also added a screenshot from the error message.