Print Download PDF Send Feedback

Previous

CloudGuard Controller Troubleshooting

In This Section:

CloudGuard Controller Troubleshooting

CloudGuard Data is Deleted Unpredictably on CloudGuard Security Gateway

CloudGuard Controller Troubleshooting

Below are some messages you may see in SmartConsole:

Message

Description

Solution

Connection lost to Data Center server url <URL> with user <User>

Lost connection possibly due to connectivity issues.

In the Data Center object, click Test Connection.

Failed to update policy with data center objects. Install policy again to resolve the issue

The install process completed correctly, but there is corrupt policy data in a data center object.

 

Connectivity to data center server <IP Address> lost. Objects imported from this data center server are no longer being updated

Persistent connectivity issues between the Security Management Server and CloudGuard Controller to the data center exist.

Resolve connectivity issues.

Failed to update data center server objects on gateway <GW Name>. If issue persists contact Check Point Support.

CloudGuard Controller fails to update a Security Gateway.

The may be no connectivity to a Security Gateway.

  • Make sure there is SIC between the Security Gateway and CloudGuard Controller.
  • Make sure to enable the Identity Awareness API on the Security Gateway.

Failed to generate data center server objects of new policy, Security gateways are no longer updated with the new data center objects

There is a transfer fail of a policy to a Security Gateway.

Install the Access Control Policy again.

Failed to stop updates of data center objects on the secondary management server

Data transmission to a Security Gateway from a Secondary Security Management Server stops.

Install the Access Control Policy again.

Failed to start updates from previous standby domain

CloudGuard Controller fails to start updating a Security Gateway.

It is possible that there is no connectivity to a Security Gateway.

Install the Access Control Policy again.

Failed to stop updates of data center objects for deleted domain. Contact Check Point Support

CloudGuard Controller fails to stop Domain enforcement when a Domain is deleted.

Install the Access Control Policy again.

CloudGuard Data is Deleted Unpredictably on CloudGuard Security Gateway

Symptom

CloudGuard data is deleted unpredictably on the CloudGuard Security Gateway.

Root Cause

The CloudGuard Security Gateway is not synchronized with CloudGuard Controller data.

Solution

Reset the CloudGuard Controller state on the Security Gateway:

Step

Description

1

Connect to the command line on the Management Server.

 

Log in to the Gaia Clish, or Expert mode.

2

Run:

vsec_controller_cli

3

Select:

Resend enforcement data to gateway

4

Select the Security Gateway to reset.

Note - If data is not synchronized after reset, contact your Check Point partner, or Check Point Support.