PDA

View Full Version : Unable to activate threat emulation on 4600 appliances



blason
2017-05-10, 04:16
Hi Guys,

I have 4600 and TEX SKU attached to it. However when trying to activate Threat Emulation it fails at Checking Internet connection or Connectivity to Cloud. I am pretty sure I do have internet connectivity and firewall is reachable to CP Cloud. Even I confirmed that through Tracker as well as TCPdump that firewall is able to reach certain CP IPs on port 80 as well 443 but somehow this is failing.

Before raising to TAC though to have a word with gurus here and see if I get an hint.

One of the SK says to accept contract option enabled in Global Properties and I do have that option enabled.

Any other clue guys?

abusharif
2017-05-10, 05:27
what does the following commands say

'tecli show statistics" (last part "Last Sharing Suceeded")

Otherwise check sk83520 which covers different check point URL's, among others threat emulation and how you can verify that your gateway can reach them

mcnallym
2017-05-10, 05:28
What Jumbo Take do you have installed

Basically you need to be on 184 or above now if running Threat Emulation as the Threat Emulation Engine before that Jumbo doesn't support SHA-256, even if have patched the Gateway for SHA-256 compatibility.

Am presuming here that on R77.30!

My guess here would be that as you appear to have Network level connection ( and presuming that the License shows under support in User Centre ) that is going to be SHA-256 compatibility based on the information you have provided.

Personally not had issues with Jumbo 216 other then on VSX so probably worth updating the gateway to Jumbo 216 which is the current GA release.

Might be worth checking the CPUSE Deployment Agent version and cpinfo version and update those to the current releases anyway whilst at it.

blason
2017-05-10, 05:56
what does the following commands say

'tecli show statistics" (last part "Last Sharing Suceeded")

Otherwise check sk83520 which covers different check point URL's, among others threat emulation and how you can verify that your gateway can reach them

It says the daemon is not started since I did not install the policy.

blason
2017-05-10, 05:57
What Jumbo Take do you have installed

Basically you need to be on 184 or above now if running Threat Emulation as the Threat Emulation Engine before that Jumbo doesn't support SHA-256, even if have patched the Gateway for SHA-256 compatibility.

Am presuming here that on R77.30!

My guess here would be that as you appear to have Network level connection ( and presuming that the License shows under support in User Centre ) that is going to be SHA-256 compatibility based on the information you have provided.

Personally not had issues with Jumbo 216 other then on VSX so probably worth updating the gateway to Jumbo 216 which is the current GA release.

Might be worth checking the CPUSE Deployment Agent version and cpinfo version and update those to the current releases anyway whilst at it.

I feel this could be the reason though I wanted to try after installing HFA 216.

blason
2017-05-11, 15:03
dang!! I mean I tried implementing on my vmware workstation on open server with proper eval licenses and proper internet connectivity plus have HFA 216 installed though while activating it gives me the same error.

CPMGMR> show installer installed_packages
Num File Name Type
1 Check_Point_R77_30_JUMBO_HF_1_Bundle_T216_FULL.tgz Wrapper


Communication with Threat Cloud:
--------------------------------
Last Sharing succeeded:-
Last Sharing failed: -
Sharing Identifier:HASHED_f16bf90343b652c2e46c42be5f15da07-1c72e34bd835d8c195ea5a34bb60d424
Threat emulation engine version is: 22.990000002