After rebooted one of cluster member, I found it lost the connection to Management Server for somehow. SIC, SSH, GUI all are not working anymore. Through Console, I could log into firewall and found this:
[Expert@CP-FW-2]# cpconfig
cpinst Error: Host name resolution for CP-FW-2 failed.
Local host name resolution is required for normal Check Point Security Gateway operation
Please correct this error and run cpstart again:
Add an entry for CP-FW-2 in /etc/hosts
Since it mentioned /etc/hosts file, based on previous experience, I opened the hosts file to check.
[Expert@CP-FW-2]# cat /etc/hosts
# This file was AUTOMATICALLY GENERATED
# Generated by /bin/hosts_xlate on Wed Sep 26 09:27:03 2012
#
# DO NOT EDIT
#
192.168.1.1 CP-FW-2.gddd.com
127.0.0.1 localhost
::1 localhost
I added a new line into hosts file:
192.168.1.1 CP-FW-2
then did cpstop and cpstart. Everything comes back. Policy loaded and firewall connected back to management server. But this change doesn't survive a reboot. Since we are using Gaia version R75.40, Gaia doesn't support manually configuration of hosts file. What we can do is using following method to change hosts file:
from clish: set host name <hostname> ipv4-address <interface IP>
save config
Tested with a reboot, the change is kept in hosts file this time. Issue resolved.
No comments:
Post a Comment