|
|
In This Section: |
These are some errors that you can experience. For more troubleshooting information, see the sk111060 - ATRG: vSEC / CloudGuard for VMware NSX.
Symptom
This error shows when you select an NSX Security Gateway for Service Registration:
The NSX Manager you selected is not connected to a known vCenter
Solution
Make sure that the host name of the vCenter (which was registered to the NSX Manager) is used when creating the vCenter Data Center object. If the names are different, then the CloudGuard CLI cannot recognize the connection between the NSX Manager Server and the vCenter Server.
Symptom
This error shows:
Error during rest callback
"PUT to the registered ServiceManager at:https://<Service Manager IP>/vmware/2.0/si/serviceprofile/serviceprofile-<ID> caused by : I/O error: No route to host; nested exception is java.net.NoRouteToHostException: No route to host."PUT to the registered ServiceManager at : https:<Service Manager URL>/vmware/2.0/si/serviceprofile/serviceprofile-55 caused by : I/O error: Connection refused; nested exception is java.net.ConnectException: Connection refused.""Failed to create service"Solution
Make sure that the NSX Manager and the CloudGuard Controller can communicate using port 443.
Symptom
This message shows:
OVF file https://<IP_Address>:<Port>/ve/Security_Gateway_R80_10CloudGuard.ovf is inaccessible or doesn't exist. resolve the issue or choose different OVF
Solution
/ve folder is configured.Go to CloudGuard VMware Service Manager > Change Global Configuration > Manage Service OVF's and configure as necessary.
Symptom
This error shows when there is a service deployment failure:
Error Service deployment failed with the message
Installation of deployment unit failed, please check if ovf/vib urls are accessible, in correct format and all the properties in ovf environment have been configured in service attributes. Please check logs for details.“
Solution
Make sure the OVF files can be reached from the vCenter Server.
Make sure you are using the correct OVF files.
To confirm that the OVF files can be reached:
Symptom
This error shows when you cannot call a security solution:
Error "Unable to call security solution , please check security solution configuration: Error during REST callback : PUT to the registered ServiceManager at : https://<Service Manager Address>/vmware/2.0/agents/ caused by : I/O error: No route to host; nested exception is java.net.NoRouteToHostException: No route to host. Deployment Plugin execution failed"
Cause
The NSX Manager Server failed to correctly communicate with the Check Point CloudGuard Controller.
Next steps:
netstat –nap | grep 8443
Symptom
This error shows when there is a powered off CloudGuard Gateway Virtual Machine on one of the hosts:
Agent VM {vSEC Gateway VM NAME} on host {host} is expected to be powered on ({agencyName})
Solution
Symptom
This error shows when there is an ESXi host server without a CloudGuard Gateway deployed on it:
Agent VM is missing on host {host.name} ({agencyName})
Solution
Symptom
This error shows:
No agent datastore/network configuration on host
Solution
The CloudGuard Gateway cannot be deployed, due to missing host server configurations. Set Agent VM settings.
If the Service VM agent is not deployed, follow these steps to re-initiate the deployment:
Symptom
After three failures, the auto provisioning feature stops trying to create objects in SmartConsole. Every 10 minutes all the deployed CloudGuard Gateways are matched with the NSX Manager database and created or deleted.
This error shows:
Error Failed creating cluster object. Maximum retries exceeded for object. Please configure the object manually
Solution
ObjectsMap.C file.Set retries_left to 999.
Run: show {timezone | time | date}
If they are not the same, run: set {timezone | time | date}
cp_conf sic init <Secret One-Time Password>