CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


I'd like to thank everyone involved for making "The CPUG Challenge" a great success.
We helped a lot of people see and learn a bit more about R80.10, while having some fun.
We will be using this success to try and bring more events to more locations soon. -E

 

Results 1 to 7 of 7

Thread: Issues Saving Policy in SmartDashboard

  1. #1
    Join Date
    2016-10-27
    Posts
    7
    Rep Power
    0

    Default Issues Saving Policy in SmartDashboard

    Hi everyone,

    I'm curious if everyone has ever run in to something like this. We usually stage changes in the day and save the policy in SmartDash. In the evening, the policies are pushed out to the FWs.

    I staged a change one day and in the evening, my saved changes were not there. I thought maybe I forgot to save it, but I was certain I did. I created an additional change for the next day and saved it once more in dashboard. After saving, I exited the CMA and went back in to it to the policy to ensure the saved changes were still present. They were. In the evening, the pre-staged changes once again disappeared and were gone. I don't get any errors when saving to the policy in SmartDash, it saves successfully.

    Before I attempt #3, I need to look in to this and what may be causing it, I've never seen such behavior before. Has anyone else? Any ideas?

    Thanks!

  2. #2
    Join Date
    2007-06-04
    Posts
    3,218
    Rep Power
    15

    Default Re: Issues Saving Policy in SmartDashboard

    When you save the changes are you performing a Database Revision.

    Isn't anyone doing a Database Revision Restore to a previous database is there?

  3. #3
    Join Date
    2016-10-27
    Posts
    7
    Rep Power
    0

    Default Re: Issues Saving Policy in SmartDashboard

    Quote Originally Posted by mcnallym View Post
    When you save the changes are you performing a Database Revision.

    Isn't anyone doing a Database Revision Restore to a previous database is there?
    No I'm not creating a database revision entry.

    No revision restores were performed either..

  4. #4
    Join Date
    2006-09-26
    Posts
    2,958
    Rep Power
    13

    Default Re: Issues Saving Policy in SmartDashboard

    Quote Originally Posted by kkzc97 View Post
    No I'm not creating a database revision entry.

    No revision restores were performed either..
    I've to say that I've never seen it either. However, in order to confirm that you are not smoking weed during the day and that you actually made the change during the day. I would do something like this:

    1- perform the change during the day,
    2- save the policy,
    3- perform mds_backup (since you said CMA, I am assuming you're using Provider-1)
    4- in the evening, once you confirm that the change was not there, perform an "mds_restore" with the mds_backup you had in step #3 and confirmed that the change actually took place,

    if mds_restore is not possible (you might have multiple CMA on the Provider-1), you can take the mds_backup and restore on your lab provider-1 and confirm it there. You can open a ticket with Checkpoint as well.

    If everything fails, reboot of Provider-1.

    My production Provider-1 is up and running for 643 days and it has issues this morning with high CPU with confd process and lot of clish processes. I decided to reboot the P-1 box and after reboot, it comes back normal again. Go figure.

  5. #5
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,275
    Rep Power
    7

    Default Re: Issues Saving Policy in SmartDashboard

    Quote Originally Posted by kkzc97 View Post
    Hi everyone,

    I'm curious if everyone has ever run in to something like this. We usually stage changes in the day and save the policy in SmartDash. In the evening, the policies are pushed out to the FWs.

    I staged a change one day and in the evening, my saved changes were not there. I thought maybe I forgot to save it, but I was certain I did. I created an additional change for the next day and saved it once more in dashboard. After saving, I exited the CMA and went back in to it to the policy to ensure the saved changes were still present. They were. In the evening, the pre-staged changes once again disappeared and were gone. I don't get any errors when saving to the policy in SmartDash, it saves successfully.

    Before I attempt #3, I need to look in to this and what may be causing it, I've never seen such behavior before. Has anyone else? Any ideas?

    Thanks!
    I'd start by taking a look at the logs. In tracker there is a tab at the very top not many people notice. Its labeled "Management". This is the audit logs. All changes are logged here. I'd start here and see if anything is showing up in there. Next ssh in and look at $FWDIR/log/fwm.elg*. Sometimes these files get dorked up and you'll see a lot of ^@ (these are nulls).

    If that doesn't point out anything then you may need to debug fwm and try to replicate the issue again. If you need a hand with this i'd open a tac case. if you want to go it your own its basically the following. Sometimes debug will not turn off and you'll need to restart fwm.

    fw debug fwm on TDERROR_ALL_ALL=5
    tail -F $FWDIR/log/fwm.elg > /var/log/fwm.elg
    recreate isseue (dashboard will run very slow btw)
    fw debug fwm off

    The tail -F will follow the fwm.elg file as it rotates. output will be large. Search for save and start poking around. If nothing found make a cpinfo, grab the fwm.elg you created and open a tac case. These files will be very useful.

    off hand.. how is disk space looking?

  6. #6
    Join Date
    2016-10-27
    Posts
    7
    Rep Power
    0

    Default Re: Issues Saving Policy in SmartDashboard

    Sorry for the late response.

    I couldn't find anything in the smarttracker mgmt logs.

    fwm.elg does not exist in my log directory.

    I wont be able to debug until after hours, so I can get to that shortly.

    Disk Space is good, about 85% free.

    I noticed an issue with syncing between the 2 mgmt servers but the secondary is not being used at all and it appears to have been like this for quite some time. This shouldn't be the problem if the active/live mgmt server is the only one being used and where all of the policies are saved and pushed out. This issue occured on the primary mgmt server 3 times. The 4th attempt actually worked and the config saved successfully and didn't disappear. We're now having the same issue replicate though in other cases with this one CMA/Mgmt server only.

  7. #7
    Join Date
    2006-09-26
    Posts
    2,958
    Rep Power
    13

    Default Re: Issues Saving Policy in SmartDashboard

    Quote Originally Posted by kkzc97 View Post
    I noticed an issue with syncing between the 2 mgmt servers but the secondary is not being used at all and it appears to have been like this for quite some time. This shouldn't be the problem if the active/live mgmt server is the only one being used and where all of the policies are saved and pushed out. This issue occured on the primary mgmt server 3 times. The 4th attempt actually worked and the config saved successfully and didn't disappear. We're now having the same issue replicate though in other cases with this one CMA/Mgmt server only.
    Didn't someone in the forum say that Management H/A is a good thing?

Similar Threads

  1. Replies: 3
    Last Post: 2012-10-10, 01:53
  2. error while saving policy
    By itobald in forum SmartDashboard
    Replies: 8
    Last Post: 2011-03-21, 06:37
  3. High CPU on UTM-1 2076 after saving policy
    By TRLSecurity in forum Check Point UTM-1 Appliances
    Replies: 51
    Last Post: 2010-11-08, 11:45
  4. Smartdashboard configuration issues
    By L1nuxExp3rt in forum SmartDashboard
    Replies: 1
    Last Post: 2008-05-03, 08:11
  5. Desktop Security/Policy Server logon failure issues issues
    By Clon32 in forum SecureClient/SecuRemote
    Replies: 3
    Last Post: 2006-10-25, 06:32

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •