Every couple of hours or so we receive the message below from our internet-facing gateway(s), though curl shows connectivity every time I check for a connection after getting this alert. I've seen this in production and a lab environment; I've also heard that others experience the same. I'm curious to know why this occurs at all and am open to suggestions in trying to solve, or at least mitigate, the occurrences.
SK109105 did not seem to help me and we do not use HTTPS inspection or a proxy server. Both our mgmt server (VM) and this HA (open source) cluster are running 80.10 patch level 112.
[Expert@FWFront001:0]# curl cws.checkpoint.com:80
[Expert@FWFront001:0]# cpstat -f RAD_status urlf
RAD status: -
RAD status description: -
HeaderDateHour: 12Sep2018 8:21:00; ContentVersion: 5; HighLevelLogKey: N/A; LogUid: N/A; SequenceNum: N/A; Action: ctl; Origin: FWNameHere; IfDir: >; InterfaceName: daemon; Alert: useralert; OriginSicName: N/A; OriginSicName: ; HighLevelLogKey: 18446744073709554515; description: Failed to connect to Check Point Anti Malware detection service.; reason: Could not connect to "cws.checkpoint.com:80". Check proxy configuration on the gateway.; severity: 3; update status: Failed; ProductName: Anti Malware; ProductFamily: Network;
2 different error logs (could not connect and Internal error occurred, could not connect)