Troubleshooting

1. On the Multi-Domain Server Dedicated Check Point server that runs Check Point software to host virtual Security Management Servers called Domain Management Servers. Synonym: Multi-Domain Security Management Server. Acronym: MDS., when you use the "vsec_lic_cli" tool in MDS (System) Mode, there is a Domain that is not listed in the View License Usage output.

   Explanation:

   Only Domain Management Servers Virtual Security Management Server that manages Security Gateways for one Domain, as part of a Multi-Domain Security Management environment. Acronym: DMS. with active Security Gateways appear in the View License Usage output.

   To make sure the Security Gateway is on:

   • Make sure the Domain Server can reach the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. (use ping or telnet commands).

   • Make sure Check Point processes are running.

   • Make sure Secure Internal Communication (SIC Secure Internal Communication. The Check Point proprietary mechanism with which Check Point computers that run Check Point software authenticate each other over SSL, for secure communication. This authentication is based on the certificates issued by the ICA on a Check Point Management Server.) is established between the Domain and the Security Gateway and the policy is successfully installed.

2. The View License Usage option shows multiple pools with the same name.

   Explanation:

   This can occur when different Central Licenses have different blade packages that map to the same pool name.

   For example:

   • License "A" with the blades URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF. and Application Control Check Point Software Blade on a Security Gateway that allows granular control over specific web-enabled applications by using deep packet inspection. Acronym: APPI. belongs to a pool called VE-NGTP.

   • License "B" with the blades URL Filtering, Application Control, Anti-Bot Check Point Software Blade on a Security Gateway that blocks botnet behavior and communication to Command and Control (C&C) centers. Acronyms: AB, ABOT., and Anti-Virus Check Point Software Blade on a Security Gateway that uses real-time virus signatures and anomaly-based protections from ThreatCloud to detect and block malware at the Security Gateway before users are affected. Acronym: AV. belongs to a pool called VE-NGTP. But it is a different pool than that of license "A".

   To have Central Licenses grouped in the same pool, make sure they have the same blades and valid contracts.