Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


checkpoint R75.30 URL doesn't work

Posted on 2014-10-09
Medium Priority
Last Modified: 2015-02-22
hi, I have 2 checkpoint devices working in a cluster. Primary checkpoint device has a problem with URL filtering - error message is failed to reload database and thus URL filtering is not working.
Could you please help me with the issue
Question by:dedri
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
LVL 64

Expert Comment

ID: 40372071
For URL Filtering, each Security Gateway also has a local database that contains commonly used URLs and their related categorization. We can try to see if manual update can be done in each primary box. Rightfully, there is the local cache on each Security Gateway keeps URL categorization responses up to 3 days.

To manually update the management server only:
On the Advanced > Updates pane of the Application and URL Filtering tab, click Update Management to update the management only.

You may also want to see newer release is recommended e.g. R75.47 (this is not latest though)

Anti-Virus / Anti-Bot / Application Control / URL Filtering update might fail on R75.40 / R75.40VS / R75.45 / R75.46 / E80.41,

Anti-Virus and URL Filtering update fails on the Standby member of ClusterXL in High Availability mode

Open a support case with CP

Author Comment

ID: 40419619
I tried the suggestion from ,but I cannot find sfcontro file in the directory according to the article.
Also nothing is logged on the tracker, it doesn't matter what page I am trying to open
LVL 64

Expert Comment

ID: 40420736
The CP forum (sk36398) stated on the Security Gateway:

    Go to the $FWDIR/uf/sc/update/incoming directory.
    Delete all of the files that match the syntax: sfcontrol.*
    Run the cpstop command.
    Run the cpstart command.
    Start the Web Filtering database update again.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 40426513
There isn't such file like sfcontrol in this directory as I've already said in the above post
Here is an output:
[Expert@fw1]# cd $FWDIR/uf/sc/update/incoming
[Expert@fw1]# ls -l
total 188
-rw-rw----    1 root     root        86073 Nov  6 15:57 URL_Filtering.C
-rw-rw----    1 root     root        86073 Nov  6 15:57 URL_Filtering2.C
-rw-rw----    1 root     root          143 Oct  8 16:42 URL_Filtering2.entitleme                         nt.C
lrwxrwxrwx    1 root     root           45 Jan 16  2012 incoming -> /opt/CPsuite                         -R75.20/fw1/uf/sc/update/incoming
[Expert@fw1]# pwd
LVL 64

Expert Comment

ID: 40427485
possible to check out the kb as I have no access to them

Anti-Virus and URL Filtering update fails on the Standby member of ClusterXL in High Availability mode

URL Filtering drops traffic with an "Internal Error" log

sidenote (which you may know) - The Application and URL Filtering Database only updates if you have a valid Application Control and/or URL Filtering contract. By default, all new Application Control installations have a valid contract for 30

Author Comment

ID: 40580212
this article didnt't help us, the problem still exist
LVL 64

Expert Comment

ID: 40580926
looks a tough nut so do consider raising the support ticket. I was also thinking to re-cre ate the clustering again and check the HA setup as per in this post

Accepted Solution

dedri earned 0 total points
ID: 40614418
we open a support ticket with checkpoint and they were not able to find a solution or workaround. They propose us to reinstall the checkpoint devices

Author Closing Comment

ID: 40624020
we open a support ticket with checkpoint and they were not able to find a solution or workaround. They propose us to reinstall the checkpoint devices

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question