AnsweredAssumed Answered

Could not connect to "cws.checkpoint.com:80"

Question asked by 382ebafb-1684-4a9a-a883-d718abdbc04c on Sep 12, 2018
Latest reply on Nov 12, 2018 by Santiago Platero

Hello-

 

Every couple of hours or so we receive the message below from our internet facing gateway(s) though curl shows connectivity every time I check for a connection after getting this alert.  I've seen in this in production and a lab environment; I've also heard that others experience the same.  I'm curious to know why this occurs at all and am open to suggestions in trying to solve, or at least mitigate, the occurrences. 

 

SK109105 did not seem to help me and we do not use HTTPs inspection or a proxy server.  Both our mgmt server (VM) and this HA (open source) cluster is running 80.10 patch level 112.  

 

Thank you

 

Validation:

[Expert@FWFront001:0]# curl cws.checkpoint.com:80
<html><body><h1>It works!</h1></body></html>

 

[Expert@FWFront001:0]# cpstat -f RAD_status urlf

RAD status: -
RAD status description: -

 

Email message:

HeaderDateHour: 12Sep2018  8:21:00; ContentVersion: 5; HighLevelLogKey: N/A; LogUid: N/A; SequenceNum: N/A; Action: ctl; Origin: FWNameHere; IfDir: >; InterfaceName: daemon; Alert: useralert; OriginSicName: N/A; OriginSicName: ; HighLevelLogKey: 18446744073709554515; description: Failed to connect to Check Point Anti Malware detection service.; reason: Could not connect to "cws.checkpoint.com:80". Check proxy configuration on the gateway.; severity: 3; update status: Failed; ProductName: Anti Malware; ProductFamily: Network;

 

2 different error logs (could not connect and Internal error occured, could not connect)

log error

 

log error 2

Outcomes