Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Rudy_Dichoso
Participant

Check Point secondary gateway unable to update license.

Hi,

One of our client are running a Distributed firewall cluster setup, we renew their license but only the primary gateway was able to update the IPS and application control license, the secondary gateway keeps on showing the expired license.

 

Hope someone would help.

0 Kudos
4 Replies
MartinTzvetanov
Collaborator

failover to the secondary gateway and wait few hours. It's somehow related to the queries sent by the secondary gw and the replies goes to the primary one.
0 Kudos
G_W_Albrecht
Legend
Legend

Or try to update licenses + services by CLI...

CCSE CCTE SMB Specialist
0 Kudos
Ruan_Kotze
Advisor

There's a couple of options listed in sk43807.

Typically this issue is caused by the gateway's traffic being hidden behind the cluster IP, thus we can fix it with a NAT rule. You'll have to create a rule for each gateway in your cluster which states that for any traffic originating from the gateway (create objects with your external IP's) to any, use original.

Thanks,
Ruan

0 Kudos
Dorit_Dor
Employee
Employee

Most contracts are validated on the cloud so contracts no longer need to be updated on the gw

is your gw able to run application control? Does it get the service? If not, the issue isnt the license but the service accessibility 

if it does get the service, you are good to go and dont need license

 

 

 

0 Kudos