Checkpoint Failed to load policy on module
精选
转载
Failed to load Policy on Module' error in SmartDashboard when policy installation fails
|
|
Solution ID: | | sk89001 | Product: | | Security Gateway | Version: | | R70, R71, R75, R76, R77 | Date Created: | | 03-十二月-2012 | Last Modified: | | 03-十二月-2013 |
| |
|
|
SYMPTOMS |
|
'Failed to load Policy on Module ' error in SmartDashboard when policy installation fails.
Loading the local policy with 'fw fetch localhost ' command on the Security Gateway succeeds.
The files in the $FWDIR/state/__tmp/FW1/ directory on the Security Gateway are not updated when the policy installation is attempted from the SmartDashboard.
Debug of FWM daemon on Security Management Server shows:
CPTA_InstallFailReasonTranslate: error number 5
|
|
CAUSE |
|
The CPD process is not running Security Gateway or has stopped working correctly. This can happen if CPD process is not being monitored by the Check Point WatchDog process.
|
|
SOLUTION |
|
Follow these steps on Security Gateway: Stop the CPD process:
[Expert@HostName]# cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"
Check if the CPD process is not running anymore:
[Expert@HostName]# ps auxw | grep cpd
If the process is still running, the kill it manually:
[Expert@HostName]# kill -KILL $(ps auxw | grep -w cpd | awk '{print $2}')
Start the CPD process:
[Expert@HostName]# cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"
Check the status of CPD process:
[Expert@HostName]# cpwd_admin list | grep -E "APP|CPD"
The 'CPD' process should appear in the output, and its STAT should be 'E' (executing)
Example: cpwd_admin:
APP PID STAT #START START_TIME COMMAND MON
CPD 2808 E 1 [10:34:50] 15/6/2012 cpd Y
Install the policy in SmartDashboard.
Note: Restarting the CPD process on a Standalone machine will not have impact on the passing traffic.
|