CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Results 1 to 6 of 6

Thread: Internal Server Fault when pushing policy

  1. #1
    Join Date
    2015-05-26
    Location
    Canada
    Posts
    18
    Rep Power
    0

    Default Internal Server Fault when pushing policy

    CP Version R77.30
    Endpoint: E80.51

    Brand new install (not an upgrade)

    We are replicating an old servers settings manually as it is running R73, and life is just easier doing it manually. When trying to push policy after making some more adjustments, I get the following error:

    Click image for larger version. 

Name:	Screen Shot 2015-10-13 at 3.12.05 PM.png 
Views:	145 
Size:	26.4 KB 
ID:	998

    Looking into the Checkpoint Support portal, I came across sk104865, which is about as close as I can get.

    I followed the information within, and I still get the same error (the error code seems to change with every attempted push).

    The system is still in relative testing phase, and there are only five test machines that have been pushed the initial package.

    Any thoughts on what may be going on, and what I could try to get this fixed?

    Thanks in advance.

    EDIT:

    Based on some questions I've been reading elsewhere:

    Yes, both management and endpoint licenses are installed.

    This is the output of server_messages.log, located in $UEPMDIR\logs\server_messages.log:

    Code:
    [2015-09-28 11:27:05,392]  INFO - [StdOutErrLog] Redirected STDOUT and STDERR from Tomcat's logger to main logger (this file).
    [2015-09-28 11:27:06,883]  INFO - Server  EPS.
    [2015-09-28 11:27:06,884]  INFO - AMQ Startup ActiveMQ broker service
    [2015-09-28 11:27:06,884]  INFO - activemq.xml file not found under /opt/CPuepm-R77/engine/conf/activemq.xml. Creating from template.
    [2015-09-28 11:27:06,887]  INFO - ActiveMQ broker definition full-file-path: file:/opt/CPuepm-R77/engine/conf/activemq.xml
    [2015-09-28 11:27:07,961]  INFO - Activemq Connector name=TcpConnection URI=tcp://127.0.0.1:61616?maximumConnections=1000&wireformat.maxFrameSize=104857600
    [2015-09-28 11:27:07,961]  INFO - AMQ ActiveMQ broker listens only on local interface
    [2015-09-28 11:27:07,979]  INFO - ActiveMQ broker service was started
    [2015-09-28 11:27:08,266]  INFO -
    Loading .. /opt/CPuepm-R77/engine/webapps/EPS
    [2015-09-28 11:27:08,266]  INFO - [StdOutErrLog] Creating new context for CL: -1531690730
    [2015-09-28 11:27:08,921]  INFO - Calling initialize() on com.checkpoint.uepm.blm.pushoperations.infrastructure.UsmPushOperationFacade
    [2015-09-28 11:27:08,921]  INFO - Calling initialize() on com.checkpoint.uepm.backend.common.infrastructure.ServerStartupUSM
    [2015-09-28 11:27:08,922]  INFO - Calling initialize() on com.checkpoint.uepm.emon.dal.EmonMyOrgFacadeUSM
    [2015-09-28 11:27:08,927]  INFO - Calling initialize() on com.checkpoint.uepm.backend.policydeploy.PolicyDeployUSMImpl
    [2015-09-28 11:27:08,927]  INFO - Calling initialize() on com.checkpoint.uepm.backend.keymanager.KeyManagerUSMImpl
    [2015-09-28 11:27:08,927]  INFO - Calling initialize() on com.checkpoint.uepm.db.DbConnectionProviderUSM
    [2015-09-28 11:27:08,986]  INFO - Calling initialize() on com.checkpoint.uepm.backend.CPMonitor.infrastructure.UsmCPMonitorFacade
    [2015-09-28 11:27:08,986]  INFO - Calling initialize() on com.checkpoint.uepm.blm.protector.infrastructure.UsmProtectorDecryptPayloadResponder
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.blm.softwaredeployment.policygeneration.UsmDeploymentPolicyGenerationFacade
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.emon.dal.infrastructure.SecurityPictureFacadeUSM
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.blm.fde.responder.UsmFdeGetDeviceInfoResponder
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.emon.dal.EmonAccessUSM
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.blm.adminmanagement.infrastructure.UsmActionManagementFacadeImpl
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.backend.trdreport.infrastructure.TrdReportGeneratorFacadeUsm
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.blm.softwaredeployment.infrastructure.UsmSDbackendFacade
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.backend.common.infrastructure.UsmCommonFacade
    [2015-09-28 11:27:08,989]  INFO - Calling initialize() on com.checkpoint.uepm.blm.fde.infrastructure.UsmConsumerFdeFacade
    [2015-09-28 11:27:09,009]  INFO -
    ###################################################
    Trying to load spring/commonApplicationContext.xml application context
    ####################################################
    [2015-09-28 11:27:09,400]  INFO -
    ###################################################
    Loaded spring/commonApplicationContext.xml application context
    ####################################################
    [2015-09-28 11:27:09,448]  INFO - Created instance of TransactionManager
    [2015-09-28 11:27:09,454]  INFO - Start session purifier
    [2015-09-28 11:27:09,973]  WARN - Duplicate <sql>-include 'ROOT_NODE_TYPE' found.
    [2015-09-28 11:27:09,973]  WARN - Duplicate <sql>-include 'OU_NODE_TYPE' found.
    [2015-09-28 11:27:09,973]  WARN - Duplicate <sql>-include 'VDS_ROOT_NODE_TYPE' found.
    [2015-09-28 11:27:09,973]  WARN - Duplicate <sql>-include 'DIRECTORIES_ROOT_NODE_TYPE' found.
    [2015-09-28 11:27:10,276]  WARN - Duplicate <sql>-include 'ROOT_NODE_TYPE' found.
    [2015-09-28 11:27:10,276]  WARN - Duplicate <sql>-include 'OU_NODE_TYPE' found.
    [2015-09-28 11:27:10,276]  WARN - Duplicate <sql>-include 'GROUP_NODE_TYPE' found.
    [2015-09-28 11:27:10,276]  WARN - Duplicate <sql>-include 'VDS_ROOT_NODE_TYPE' found.
    [2015-09-28 11:27:10,276]  WARN - Duplicate <sql>-include 'DIRECTORIES_ROOT_NODE_TYPE' found.
    Last edited by randyvcbc; 2015-10-13 at 20:13. Reason: added additional info

  2. #2
    Join Date
    2014-01-12
    Posts
    30
    Rep Power
    0

    Default Re: Internal Server Fault when pushing policy

    I don't see any "ERROR" lines in that log, but here are some SKs that may provide a lead :

    http://supportcontent.checkpoint.com...ons?id=sk94632
    http://supportcontent.checkpoint.com...ons?id=sk94640

    Most of the ones I found seem to be relevant to R76 but I would check and see if you can adapt the solution anyway. For example, you might try copying the install_manager_config.xml from a known good 77.30 box.

    There weren't any results for the error number in the screenshot.

  3. #3
    Join Date
    2015-05-26
    Location
    Canada
    Posts
    18
    Rep Power
    0

    Default Re: Internal Server Fault when pushing policy

    http://supportcontent.checkpoint.com...ons?id=sk94632 - The file size, and date of creation are identical between the production box, and the fresh install I tossed into a vm

    http://supportcontent.checkpoint.com...ons?id=sk94640 - This one is saying the same thing about replacing that file.

    The file size is 81454, created/modified May 18 @ 02:51 for both...

    It's strange that there are no errors in the log file, yet I'm getting an error...

    I've even tried unchecking "General Properties" as that was what one SK was mentioning as the issue causing this, and I still get an error. The error code in the title changes with every push, so I think that it is just a random code.

    Also, a lot of the SK's seem to talk about this issue occurring when there's been upgrades from older systems, and this is a fresh install.

  4. #4
    Join Date
    2015-05-26
    Location
    Canada
    Posts
    18
    Rep Power
    0

    Default Re: Internal Server Fault when pushing policy

    bumping. Still interested in some potential ideas

  5. #5
    Join Date
    2007-06-04
    Posts
    3,314
    Rep Power
    18

    Default Re: Internal Server Fault when pushing policy

    Quote Originally Posted by randyvcbc View Post
    bumping. Still interested in some potential ideas
    Generally speaking then if people don't have idea's as to how to help then they don't tend to post.

    No responses is likely to mean that people here don't have anything to add.

    You might want to consider raising with TAC

  6. #6
    Join Date
    2015-05-26
    Location
    Canada
    Posts
    18
    Rep Power
    0

    Default Re: Internal Server Fault when pushing policy

    We ended up wiping the system, and going to R77.20.01

    That cleared up the issues.

Similar Threads

  1. DNS connectivity loss after pushing policy
    By mobiplayer in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 9
    Last Post: 2011-11-23, 07:30
  2. Help: Error while pushing policy
    By monika_engg in forum Security Management Server (Formerly SmartCenter Server ((Formerly Management Server))
    Replies: 2
    Last Post: 2011-09-08, 23:30
  3. Issue with pushing policy in R65
    By gavvys in forum IPS Blade (Formerly SmartDefense)
    Replies: 9
    Last Post: 2008-05-05, 22:01
  4. Update database without pushing policy?
    By evo22 in forum SmartDashboard
    Replies: 3
    Last Post: 2007-11-23, 12:11
  5. Error pushing policy
    By parlay in forum Check Point Backup Procedures
    Replies: 8
    Last Post: 2007-11-15, 08:57

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •