[Mendax]

The issue is that I had managed to set the Edge boxes to connect to the SmartCenter and download policies from it, all well so far. I noticed recently that the policies are not changing on the Edge devices when I make alterations in the Dashboard (even after propagation time). I started finding that when I attempted to install a policy onto the Edge I got an error with the following sequence:

Info: VPN-1 Embedded Connector 5.0.23 starting
Error: <device name>: Can't contact database, 15000
Info: VPN-1 Embedded Connector is done. rc = 1
Compilation failed.
Operation ended with errors

I disabled all the rules on the FW cluster (it's in pre-rollout at the moment) and just enabled the NAT from outside to the SmartCenter and the two rules that allow SWTP_SMS in from the Edge devices to the SmartCenter and SWTP_Gateway out from the SmartCenter to the Edge devices. No change....

I attempted to reconnect the devices to the SmartCenter and just got "The SmartCenter server did not respond" (or something equivalent to that anyway). I did some packet captures on the enforcement modules and on the Edge device and noticed that the SmartCenter server was responding to connections to UDP/9282 with ICMP Port Unreachable. I attempted SMSSTART on the SmartCenter machine but noticed that there was no change, and when I tried to SMSSTOP I was told that the process had already been stopped! So I tried looking into how to get more debug info into the logs.... after finding that I could start SMS manually with output to the console I tried it and got the "15000: Can't contact database" error....