Management HA/Full HA Lagging Issue


 Management HA/Full HA Lagging Issue
Symptoms:
 1. Management HA status shows “Lagging”
 2. When synchronizing manually, the status changes to 'Synchronized' and then to 'Lagging' after updating contracts. 
Solution:
Procedure A:
1. Stop the checkpoint services
#cpstop
2. Backup $FWDIR/conf/mgha directory
#cp $FWDIR/conf/mgha/*    /var/tmp
3. Delete the contents of $FWDIR/conf/mgha directory
#rm $FWDIR/conf/mgha/*
4. Backup CPMIL* and applications.C* files from $FWDIR/conf directory
#cp $FWDIR/conf/CPMIL*   /var/tmp
#cp $FWDIR/conf/applications.C*  /var/tmp
5. Remove CPMIL* and applications.C* files form $FWDIR/conf directory
#rm $FWDIR/conf/CPMIL*
#rm $FWDIR/conf/applications.C*
5. Start checkpoint services
#cpstart
If Procedure A doesn't solve the issue, then go with Procedure B
Procedure B:
->Open SmartUpdate and perform Contract Update (SmartUpdate > Licenses & Contracts > Update Contracts > From UserCenter...) 
->Check HA Synchronization status on SmartDashboard 

->If Contract Update makes is changing status to Lagging, please following below steps: 
1. Stop the checkpoint services
#cpstop
2. Backup the $FWDIR/conf/tables.C file
#cp $FWDIR/conf/tables.C   tables.C.bak
3. Add attribute mgmt_ha_opt to contracts table.
Search for table contracts
add the following line just after :private_lockable (false)
:mgmt_ha_opt (0x00000001)
This how it should like before the change:
= = = ==
)
: (contracts
:display_str (Contracts)
:table_clsid ("{4D998D0A-25DC-48f6-9677-8FAB0F991BF2}")
:db_clsid ("{C7E765A8-CBD2-4b04-9F7F-7EC61F4ECBB5}")
:file_name (contracts.c)
:archive_opt (0xfffffff9)
:read_permission (0x00000000)
:write_permission (0x00040000)
:read_permissions_list ("{all}")
:write_permissions_list ("{objects_database}")
:private_lockable (false)
:queries (
:all ("*")
)
)
= = = ==
That how it should look like after the change:
= = = ==
)
: (contracts
:display_str (Contracts)
:table_clsid ("{4D998D0A-25DC-48f6-9677-8FAB0F991BF2}")
:db_clsid ("{C7E765A8-CBD2-4b04-9F7F-7EC61F4ECBB5}")
:file_name (contracts.c)
:archive_opt (0xfffffff9)
:read_permission (0x00000000)
:write_permission (0x00040000)
:read_permissions_list ("{all}")
:write_permissions_list ("{objects_database}")
:private_lockable (false)
:mgmt_ha_opt (0x00000001)
:queries (
:all ("*")
)
)
= = = ==
4. Save the changes
5. Start the checkpoint services
#cpstart

Comments

Popular posts from this blog

Download IOS Image for Router

tcpdumps in Checkpoint Firewall