CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 10 of 10

Thread: Smart Dashboard login issue R77.30 open server.

  1. #1
    Join Date
    2017-04-10
    Posts
    7
    Rep Power
    0

    Default Smart Dashboard login issue R77.30 open server.

    Hello,

    recently we install Gaia R77.30 on an Open server for management only and configured successfully and able to access through web GUI and SSH we allowed our Dashboard system IP address in GUI client also.

    when trying to connect through dashboard we are getting below error

    Connection cannot be initiated, please make sure that the server X.X.X.X server is up and running and you are defined as GUI client.

    Please help to resolve


    Thanks,
    Prem

  2. #2
    Join Date
    2012-07-10
    Location
    Zurich, Switzerland
    Posts
    257
    Rep Power
    7

    Default Re: Smart Dashboard login issue R77.30 open server.

    Make sure that you enable your GUI Client in cpconfig:

    Expert@yourMgmtServer:0]# cpconfig
    This program will let you re-configure
    your Check Point Security Management Server configuration.


    Configuration Options:
    ----------------------
    (1) Licenses and contracts
    (2) Administrator
    (3) GUI Clients
    (4) SNMP Extension
    (5) Random Pool
    (6) Certificate Authority
    (7) Certificate's Fingerprint
    (8) Automatic start of Check Point Products

    (9) Exit

    Enter your choice (1-9) :3

    Enter the IP address of your GUI Client (or any)

  3. #3
    Join Date
    2017-04-10
    Posts
    7
    Rep Power
    0

    Default Re: Smart Dashboard login issue R77.30 open server.

    Quote Originally Posted by slowfood27 View Post
    Make sure that you enable your GUI Client in cpconfig:

    Expert@yourMgmtServer:0]# cpconfig
    This program will let you re-configure
    your Check Point Security Management Server configuration.


    Configuration Options:
    ----------------------
    (1) Licenses and contracts
    (2) Administrator
    (3) GUI Clients
    (4) SNMP Extension
    (5) Random Pool
    (6) Certificate Authority
    (7) Certificate's Fingerprint
    (8) Automatic start of Check Point Products

    (9) Exit

    Enter your choice (1-9) :3

    Enter the IP address of your GUI Client (or any)
    Already tried this option

  4. #4
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,204
    Rep Power
    13

    Default Re: Smart Dashboard login issue R77.30 open server.

    Are you sure it was configured as management only and not management+gateway? What does command fw stat show?

    If it is just management, is process fwm up and running? ps -ef | grep fwm If not check $FWDIR/log/fwm.elg
    --
    Second Edition of my "Max Power" Firewall Book
    Now Available at http://www.maxpowerfirewalls.com

  5. #5
    Join Date
    2018-02-01
    Posts
    6
    Rep Power
    0

    Default Re: Smart Dashboard login issue R77.30 open server.

    Quote Originally Posted by ShadowPeak.com View Post
    Are you sure it was configured as management only and not management+gateway? What does command fw stat show?

    If it is just management, is process fwm up and running? ps -ef | grep fwm If not check $FWDIR/log/fwm.elg

    Yes its Management only :

    # ps -ef | grep fwm
    admin 4179 3986 0 05:36 ? 00:04:42 fwm
    admin 15087 15056 0 22:11 pts/2 00:00:00 grep fwm
    # $FWDIR/log/fwm.elg
    bash: /opt/CPsuite-R77/fw1/log/fwm.elg: Permission denied
    #

  6. #6
    Join Date
    2017-03-08
    Posts
    3
    Rep Power
    0

    Default Re: Smart Dashboard login issue R77.30 open server.

    Hi,

    This is probably related to an issue that popped up in the last week. It is described on Check Mates and also has an SK with a solution.

    https://community.checkpoint.com/thr...8-comes-closer

    https://supportcenter.checkpoint.com...ionid=sk122612

    I hope this helps and please post back if it resolved your issue.

  7. #7
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,621
    Rep Power
    9

    Default Re: Smart Dashboard login issue R77.30 open server.

    Wow.. thanks for the heads up on this SK.

  8. #8
    Join Date
    2018-02-01
    Posts
    6
    Rep Power
    0

    Default Re: Smart Dashboard login issue R77.30 open server.

    Yes it worked.

  9. #9
    Join Date
    2017-04-10
    Posts
    7
    Rep Power
    0

    Default Re: Smart Dashboard login issue R77.30 open server.

    Thanks.
    It's working

  10. #10
    Join Date
    2007-03-30
    Location
    DFW, TX
    Posts
    234
    Rep Power
    12

    Default Re: Smart Dashboard login issue R77.30 open server.

    Quote Originally Posted by jflemingeds View Post
    Wow.. thanks for the heads up on this SK.
    That's a neat trick. Reminds me of an issue I saw once. Somebody had an NTP appliance and was using it to set the time on his SmartCenter. SecurePlatform's "NTP client" was just ntpdate, which blindly trusts the upstream time source and sets the time. No drifting. No sanity checking. It's perfectly happy to jump years at a time.

    Well, the guy's NTP appliance lost its mind and decided to walk forward through the UNIX timestamp space. Over the span of about 30 minutes, it stepped forward in time to 2038, then it wrapped back around to 1901 before catching up to the present. He had his SmartCenter set to sync every two minutes. During one of the syncs, the SmartCenter's ICA happened to expire. The not-valid-before date was set to a day earlier, then the not-valid-after date was set several years in the future from that. There was clearly no overflow checking on the certificate generation code, so the not-valid-after date wound up in the early 1900s.

    Once his system caught back up to the present time, cpd would wake up every second, see it was after the expiration date, and revoke all of its certs. It would then go to reissue them. It doesn't make sense to reissue an expired certificate for earlier dates, so it would reissue all of the certificates for the same dates. The next second, it would wake up and do it all over again. His CRL grew about a megabyte over a weekend.

    We never did figure out what was going on with the NTP appliance. I suspect it lost its upstream time source and didn't know how to slow down its tick rate to let real time catch up. When it reacquired upstream time, its only option would be to go forward really, really fast.



    Good to know if I have to install an old Check Point version, I will have to set the date back.
    Zimmie

Similar Threads

  1. Smart Dashboard Login Issues post R77.10 Upgrade
    By Neilharrison_253 in forum R77.10
    Replies: 13
    Last Post: 2014-07-17, 21:30
  2. Smart Dashboard Login Question
    By mosheen in forum SmartDashboard
    Replies: 6
    Last Post: 2013-05-10, 17:51
  3. Replies: 1
    Last Post: 2012-01-19, 08:11
  4. cannot log in to smart dashboard in windows 2003 server
    By JuniorMember in forum Installing And Upgrading
    Replies: 3
    Last Post: 2009-09-23, 14:09
  5. Can not login smart dashboard
    By darkprince21 in forum SmartDashboard
    Replies: 5
    Last Post: 2008-09-24, 01:27

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •