CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it yet again - That's right, the 3rd edition is here!
You can read his announcement post here.
It's a massive upgrade focusing on current versions, and well worth checking out. -E

 

Results 1 to 6 of 6

Thread: Unable to activate threat emulation on 4600 appliances

  1. #1
    Join Date
    2012-06-13
    Posts
    368
    Rep Power
    8

    Default Unable to activate threat emulation on 4600 appliances

    Hi Guys,

    I have 4600 and TEX SKU attached to it. However when trying to activate Threat Emulation it fails at Checking Internet connection or Connectivity to Cloud. I am pretty sure I do have internet connectivity and firewall is reachable to CP Cloud. Even I confirmed that through Tracker as well as TCPdump that firewall is able to reach certain CP IPs on port 80 as well 443 but somehow this is failing.

    Before raising to TAC though to have a word with gurus here and see if I get an hint.

    One of the SK says to accept contract option enabled in Global Properties and I do have that option enabled.

    Any other clue guys?

  2. #2
    Join Date
    2006-04-27
    Location
    Twillight zone
    Posts
    1,009
    Rep Power
    15

    Default Re: Unable to activate threat emulation on 4600 appliances

    what does the following commands say

    'tecli show statistics" (last part "Last Sharing Suceeded")

    Otherwise check sk83520 which covers different check point URL's, among others threat emulation and how you can verify that your gateway can reach them

  3. #3
    Join Date
    2007-06-04
    Posts
    3,314
    Rep Power
    17

    Default Re: Unable to activate threat emulation on 4600 appliances

    What Jumbo Take do you have installed

    Basically you need to be on 184 or above now if running Threat Emulation as the Threat Emulation Engine before that Jumbo doesn't support SHA-256, even if have patched the Gateway for SHA-256 compatibility.

    Am presuming here that on R77.30!

    My guess here would be that as you appear to have Network level connection ( and presuming that the License shows under support in User Centre ) that is going to be SHA-256 compatibility based on the information you have provided.

    Personally not had issues with Jumbo 216 other then on VSX so probably worth updating the gateway to Jumbo 216 which is the current GA release.

    Might be worth checking the CPUSE Deployment Agent version and cpinfo version and update those to the current releases anyway whilst at it.

  4. #4
    Join Date
    2012-06-13
    Posts
    368
    Rep Power
    8

    Default Re: Unable to activate threat emulation on 4600 appliances

    Quote Originally Posted by abusharif View Post
    what does the following commands say

    'tecli show statistics" (last part "Last Sharing Suceeded")

    Otherwise check sk83520 which covers different check point URL's, among others threat emulation and how you can verify that your gateway can reach them
    It says the daemon is not started since I did not install the policy.

  5. #5
    Join Date
    2012-06-13
    Posts
    368
    Rep Power
    8

    Default Re: Unable to activate threat emulation on 4600 appliances

    Quote Originally Posted by mcnallym View Post
    What Jumbo Take do you have installed

    Basically you need to be on 184 or above now if running Threat Emulation as the Threat Emulation Engine before that Jumbo doesn't support SHA-256, even if have patched the Gateway for SHA-256 compatibility.

    Am presuming here that on R77.30!

    My guess here would be that as you appear to have Network level connection ( and presuming that the License shows under support in User Centre ) that is going to be SHA-256 compatibility based on the information you have provided.

    Personally not had issues with Jumbo 216 other then on VSX so probably worth updating the gateway to Jumbo 216 which is the current GA release.

    Might be worth checking the CPUSE Deployment Agent version and cpinfo version and update those to the current releases anyway whilst at it.
    I feel this could be the reason though I wanted to try after installing HFA 216.

  6. #6
    Join Date
    2012-06-13
    Posts
    368
    Rep Power
    8

    Default Re: Unable to activate threat emulation on 4600 appliances

    dang!! I mean I tried implementing on my vmware workstation on open server with proper eval licenses and proper internet connectivity plus have HFA 216 installed though while activating it gives me the same error.

    CPMGMR> show installer installed_packages
    Num File Name Type
    1 Check_Point_R77_30_JUMBO_HF_1_Bundle_T216_FULL.tgz Wrapper


    Communication with Threat Cloud:
    --------------------------------
    Last Sharing succeeded:-
    Last Sharing failed: -
    Sharing Identifier:HASHED_f16bf90343b652c2e46c42be5f15da07-1c72e34bd835d8c195ea5a34bb60d424
    Threat emulation engine version is: 22.990000002
    Last edited by blason; 2017-05-11 at 15:12.

Similar Threads

  1. This is just to easy to bypass Threat Emulation
    By varera in forum Threat Prevention
    Replies: 19
    Last Post: 2017-06-23, 13:57
  2. Threat Emulation Hold Scanning
    By robs609 in forum Threat Prevention
    Replies: 11
    Last Post: 2016-06-24, 12:11
  3. How to stop "threat emulation" popup
    By mitch4949 in forum SmartDashboard
    Replies: 3
    Last Post: 2016-06-08, 16:46
  4. Activate Trial Liciense SPLAT R70
    By goldarrow in forum Licensing
    Replies: 1
    Last Post: 2009-11-09, 06:38
  5. How to activate OSPF on VPN1-Edge
    By bdabral in forum Check Point UTM-1 Edge Appliances
    Replies: 5
    Last Post: 2006-06-15, 03:17

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •