PDA

View Full Version : Error no.10 - When loading policy



humayun
2006-07-31, 16:01
fw01 NGX R60 Advanced Security Installation failed. Reason: TCP connectivity failure ( port = 18191 )( IP = 198.88.119.254 )[ error no. 10 ].


Any clues on the above error follks?
thanks

kva.kva
2006-08-01, 03:44
You don't have connection between SmartCenter and Module. There are a lot of causes for that.

northlandboy
2006-08-01, 04:49
Indeed there are. CPD might not be running on the module itself, or there might be routing/firewall/network issue between the management server and the module.

Check that you can login to the module. Run cpstat fw, make sure everything is running and happy. The module should be listening on 18191.

Check that everything is OK network-wise between server and module. Can you telnet from the server to the module on port 18191?

harishak
2006-11-30, 01:18
fw01 NGX R60 Advanced Security Installation failed. Reason: TCP connectivity failure ( port = 18191 )( IP = 198.88.119.254 )[ error no. 10 ].


Any clues on the above error follks?
thanks


I also facing similar problem pls help me to solve the problem

harishak
2006-11-30, 01:21
Indeed there are. CPD might not be running on the module itself, or there might be routing/firewall/network issue between the management server and the module.

Check that you can login to the module. Run cpstat fw, make sure everything is running and happy. The module should be listening on 18191.

Check that everything is OK network-wise between server and module. Can you telnet from the server to the module on port 18191?

Thanks I fallow your tips and innform you,
Harish

Acidio
2006-11-30, 15:13
You could unload the policy on the gateway and then push the policy. This usually solves the problem.

I have seen instances where for no apparent reason comms from mgmt to the GW stops. I can only guess at a corrupt policy being on the GW, as we performed essentially the same process as the northlandboy has mentioned and everything looked fine. So unloading the policy was the only option that worked.

Fudge
2006-12-15, 12:52
You could unload the policy on the gateway and then push the policy. This usually solves the problem.

I have seen instances where for no apparent reason comms from mgmt to the GW stops. I can only guess at a corrupt policy being on the GW, as we performed essentially the same process as the northlandboy has mentioned and everything looked fine. So unloading the policy was the only option that worked.

What is the command to unload on SPLAT R60?
I cant find it, it used to be fwstart unload localhost on prev versions but doesnt
work on R60

northlandboy
2006-12-15, 13:30
fw unloadlocal, same as it's always been - at least for all of the NG series.

chillyjim
2006-12-15, 19:49
fw unloadlocal, same as it's always been - at least for all of the NG series.

Only from NG up. AFAIK the older command "fw unload local@local" worked until NGAI. But another one of those FP3/R54 changes that confused me to no end.

The only time you need commands like these are when you've killed your firewall, in the middle of the night and can't get to the web to find the docs you should have downloaded before you started the upgrade :(

Vaibhavp22
2012-06-18, 05:01
Thanks Acidio

Your instructions worked.

I have recently purchased the new Checkpoint 2012 appliance (4807) & installed R75.40 Gaia & had created a dummy setup where i was trying to push the policy but landed up with tcp 18191 communication error.

Tried all the solutions possible as per my knowledge & finally thought of getting in CPUG where i always get my problems resolved :-)

I did fw unloadlocal & tried to push the policy & it worked.


Thanks again


Greetings
Vaibee