Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Daniel_Kavan
Advisor
Jump to solution

Check Point Mobile Access Portal Agent Code: 300

A problem with launching Portal Agent has been detected several times. Contact your System Administrator.
Code: 300

I have an Ubuntu and Windows user getting this error this week.

0 Kudos
1 Solution

Accepted Solutions
Daniel_Kavan
Advisor

Those debugs were from the client side, linux.

We are working again after adding back cipher suites allowed in multi portal.

View solution in original post

7 Replies
_Val_
Admin
Admin

Look into Debug section of sk104577. If you cannot find an issue, open a TAC request.

the_rock
Legend
Legend

I could have sworn I seen that error before. let me go through my emails and see if I can find what the solution was.

0 Kudos
Daniel_Kavan
Advisor

Looking at the debugs, I suspect maybe from tightening up the cipher suites.

 

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] GenerateGlobalEntry: Unable to get registry path
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] CkpRegDir: Environment variable CPDIR is not set.
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] GenerateGlobalEntry: Unable to get registry path
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] fwrand_write_seed: Failed to write seed.: Operation not permitted
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] CkpRegDir: Environment variable CPDIR is not set.
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] GenerateGlobalEntry: Unable to get registry path
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] isExist: ProxyEntity didn't initiated yet
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::start_async: Creating a new connection
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::start_async: Connecting to gw: 0xe5c9e283, port: 443
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] fwasync_make_connection: 83e2c9e5/443: dowait is -1 sock is 6
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::start_async: Connection created successfully
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] fwasync_conn_params: <c0a8011a,41937> -> <83e2c9e5,443>
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::client_handler: state: CONN_INIT - entering
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::client_handler: start ssl negotaition
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::client_handler: start openSSL negotaition
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] ckpSSL_PrepareConnection: verify mode: 0
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] My SSL Ciphers:
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] Cipher List:
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] 0: AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] 1: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] 2: DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] 3: RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] 4: DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::client_handler: Returning OK!!!
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] ckpSSL_NegotiateStep: current state = before/connect initialization
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] ckpSSL_NegotiateStep: should retry.
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] ckpSSL_NegotiateStep: current state = SSLv2/v3 read server hello A
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] SSL e stack
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] 18074:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:757

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] ckpSSL_NegotiateStep: Current step failed. Error is: 336032784
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] ckpSSL_fwasync_connected: no connections err -3
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] fwasync_end_conn: scheduling the end of connection 6
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] fwasync_do_end_conn: closing connection 6 (conn=9f38540)
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::end_handler: ending connection
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] snx_browser::Failure: entering with code: 1
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] got link down!- exit
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] snx: quit.

[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] snx_browser::~snx_browser: called
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::~talkssl: delete link
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] talkssl::~talkssl: end
[ 18074 -141400256]@gruffalo[11 Jan 10:11:40] done

the_rock
Legend
Legend

I found an email I was looking for. So what happened was back in the day, customer upgraded from R80.10 to R80.30 and this issue happened about a week later and after spending 3-4 hours debugging, TAC told them to reboot the fw and after that all worked. There was no changes in cipher_util at all.

0 Kudos
the_rock
Legend
Legend

Also, somewhat important...what debugs did you do from sk104577?

0 Kudos
Daniel_Kavan
Advisor

Those debugs were from the client side, linux.

We are working again after adding back cipher suites allowed in multi portal.

the_rock
Legend
Legend

Good job!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events