Solved

checkpoint failure while copying files to compatibility package directory

Posted on 2009-07-13
6
2,146 Views
Last Modified: 2012-05-07
We are getting error "Failure while copying files to compatibility package directory" and "Operation Ended with Errors" when we try to install a new policy on our Checkpoint firewalls.

We have a pair of R60's running HFA_05, hotfix 605 and have a dedicated mgmt host (R61). We have not rebooted them for a couple of years. Unfortunately we have no support contract and cannot call Checkpoint for advice.

We checked disk space and there is plenty of it for new policies. We considered simply rebooting but are concerned it may not come back up.

Has anyone seen this error before? Also, are there per/hr support options from 3rd party Checkpoint solution providers? Any that experienced Checkpoint folks can recommend?
0
Comment
Question by:skipervarg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 24843730
Sadly in this case it may require CP assistance with which you say, is nit supported.

We have 2 options, remove the compat packages that are causing the issue or purchase CP support and upgrade to R65/R70

This is more than likely a software issue and will require the in depth knowledge of CP to correct, unless we have a closet CP developer out there,
0
 

Author Comment

by:skipervarg
ID: 24853679
Hi Deimark,

Thanks for your suggestion. Some more information that may help steer the ship:
1. We have not installed any additional compat packages in at least 1.5 years.
2. We have been able to successfully apply new rules on almost a weekly basis until now.
3. The firewalls and mgmt devices have ~715 days of uptime.
4. Someone else suggested this solution: http://www.cpug.org/forums/nokia-ipso/7416-fail-install-policy.html

Perhaps we should try rebooting the mgmt host first - do you know if it is possible to do so without affecting the firewall (we have a distributed installation)?

thanks kindly.
0
 
LVL 18

Assisted Solution

by:deimark
deimark earned 500 total points
ID: 24853797
Rebooting the mgmt server does not affect any firewall at all bud.

All you will get is that while the smartcentre is down, the firewall will log locally instead of sending to the smartcentre.  There are steps you can take to recover these logs from the firewall, but if there is little traffic, there is little benefit in copying across the few minutes worth of logs.

Rebooting the mgmt doe snto affect the traffic going through the firewalls.

Having a look at the article you post there it all makes sense and I would give it a go bud.

One comment thought, I would leave the backup registry file, no need to delete it, not untill you are fully happy that its working fine for a week or so.
0
Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

 

Author Comment

by:skipervarg
ID: 24864314
Deimark,

It turns out we do not have the standard or expert passwords for console access! So we cannot even try the steps in the article...we inherited this box so no means to get it from the last admin.

Is there a known password reset procedure for both passwords? All we have at this point is the console password for access the mgmt UI.

ack!
0
 

Author Comment

by:skipervarg
ID: 24867082
Just a quick followup

1. We were missing the standard and expert passwords so I booted from a RH5 Rescue CD and edited the following file: /etc/shadow - I removed the admin password, saved the file. I inspected the /etc/passwd file and noticed that there was no "admin" account, just "root".
2. I rebooted into normal mode, logged in as root, dropped into expert mode and executed the passwd command to replace the standard password.
3. I did a check of the drivespace on the filesystem, (df-h) and noticed the /var partition was 100% full. Most of that was in the logs directory.
4. I did a cpstop, cleared out the logs, then cpstart and everything was ok.

Thanks for your suggestions and help.
0
 
LVL 18

Expert Comment

by:deimark
ID: 24867227
Glad to hear its all working now bud
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Telepresence on backup 3 77
Port forwarding 14 200
SonicWALL SIP Transformation Problem 4 162
Monitor Bandwidth throughput in Fortigate 100D 1 45
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question