This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
the_rock
Legend
Legend
‎2021-11-16 05:48 AM

The package is installed, self-test failed message in web UI after installing jumbo 131 for R80.40

Hey guys,

Just wondering if this would be something to be concerned about...so, to make a long story short, we upgraded R80.40 cluster last week to jumbo 131 and one of the firewalls went fine, but the other one installed the jumbo and then could not be accessed via VPN at all, so customer had to go on site and make sure firewall was accessible, reboot it ands then it worked. Since then, we see message in the title in web UI and though jumbo shows its installed and clustering is working, I just wanted to confirm its not a cause for concern.

I found below sk:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

I also attached the install log about it too. Also, fw fetch local command works fine, so I am pretty sure all is fine, but just wanted to get second opinion : - )

 

Cheers.

Preview file
61 KB
0 Kudos
6 Replies
G_W_Albrecht
Legend Legend
Legend
‎2021-11-16 05:59 AM

Seems some processes were not running (yet) - so to confirm, i would compare the processes of both nodes to see if same are running on both !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
the_rock
Legend
Legend
‎2021-11-16 06:03 AM
In response to G_W_Albrecht

Thanks brother, thats first thing I checked and they match exactly the same!

0 Kudos
Boaz_Orshav
Employee
Employee
‎2021-11-16 06:02 AM

Hi

 After the installation is done, the Deployment Agent (CPUSE) verifies some things and if any test fails it issues the message you describe.

  Unless you configured anything special, it verifies that the main processes that were up before the upgrade are up after.

  Sometimes it might take too long for a process to start so the mechanism times out.

  You do not need to be concerned but please verify on the machine that the processes are not terminated (i.e. T state) using "cpwd_admin list" and that install policy to this machine finishes successfully.

I'm almost sure the reboot recovered a failed process if there was such but just to be on the safe side - please check the above

Boaz

the_rock
Legend
Legend
‎2021-11-16 06:03 AM
In response to Boaz_Orshav

Yes, confirmed with that command and it looks correct.

0 Kudos
the_rock
Legend
Legend
‎2021-11-16 06:12 AM
In response to Boaz_Orshav

Also, another weird thing that happened after this was that customer experienced inconsistent results with DUO push notification sent to users defined for radius, sometimes they would get it, sometimes not...personally, I dont believe this jumbo is the cause for it, but its odd that never used to happened before the procedure and reboot. Anyway, we will check more with TAC on that today. I will probably end up running capture on the active fw for port 1812 and see what we get.

Thanks guys!

0 Kudos
the_rock
Legend
Legend
‎2021-11-16 08:04 AM
In response to Boaz_Orshav

Anyway Boaz, due to some other issues, customer decided its best we revert to take 120, which we did, so I asked them to test everything to make sure it works as expected. I will see if any other issues, but lets hope not : - )

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events