CPShared Forums

Follow CPShared on twitter! Forum Runner and Tapatalk mobile support.

 

Go Back   CPShared Forums > Check Point > Endpoint Blades

Reply
 
Thread Tools Display Modes
  #1  
Old 21st February 2012, 06:12 PM
Sevendoh's Avatar
Sevendoh Sevendoh is offline
Member
 
Join Date: Mar 2011
Posts: 192
Sevendoh is on a distinguished road
Default Connectivity with the Check Point Endpoint Security service is lost

Testing E75.20 client, everything seems to be comparable in behavior to E75.10. The problem I'm having is that all my test clients randomly have shown this error "Connectivity with the Check Point Endpoint Security service is lost", which is basically the fact that the "Check Point Endpoint Security VPN" service does not start upon boot-up. You can't start the service either. One test system is essentially clean, no other Endpoint products on it. All test systems at one point had E75.10 client on them. I've tried both in place upgrades and removing E75.10 first and installed E75.20 and both scenarios have had this error.

When the problem is occurring, I can reinstall the E75.20 client and it resolves the issue, however I am very concerned as to why it's happening to begin with. When its in this state you can't collect logs for debugging because the service isn't started or interact with the command line tools. Kind of chicken + the egg. Anyone seen this problem or have suggestions for troubleshooting?
__________________
+++
Measuring SecurityPower since 2011.
Reply With Quote
  #2  
Old 22nd February 2012, 11:01 AM
Demilich Demilich is offline
Member
 
Join Date: Mar 2011
Posts: 9
Demilich is on a distinguished road
Default

If the service is crashes periodically you can enable process dump generation for TracSRvWrapper.exe according to the following articles:

http://msdn.microsoft.com/en-us/libr...81(VS.85).aspx

http://support.microsoft.com/kb/824344

You will be able using windbg to create a dump of crashing service for analysis (>.dump /ma C:\TracSrvWrapper.dm)
Reply With Quote
  #3  
Old 23rd February 2012, 05:18 PM
Sevendoh's Avatar
Sevendoh Sevendoh is offline
Member
 
Join Date: Mar 2011
Posts: 192
Sevendoh is on a distinguished road
Default

Thanks, that's exactly what I was looking for!
__________________
+++
Measuring SecurityPower since 2011.
Reply With Quote
  #4  
Old 29th May 2012, 07:56 PM
Sevendoh's Avatar
Sevendoh Sevendoh is offline
Member
 
Join Date: Mar 2011
Posts: 192
Sevendoh is on a distinguished road
Default

So to follow-up on the error, my problem was twofold, primarily it boiled down to a bug in the R75.20 gateway giving incorrect automatic_mep_topology information to the CPES E75.20 client. The kicker is that this information is technically not needed in a Manual MEP configuration--I'm assuming it was generated due to the new Secondary Connect feature, however that was off as well. If you're running R75.20 and are using E75.20 VPN clients, I strongly recommend you upgrade to R75.30 or later. Remember the HFA will overwrite your client_trac_1.ttm configuration changes without warning.

Additionally, the unofficial word is that the CPES VPN client is not a multi-site client despite having the ability to add multiple sites. If you attempt to add sites with overlapping [fully or partially] vpn domains you may have this problem. One resolution is to delete your trac.config file [aka all your sites / configuration] and then when you go into the VPN Options for the client it will restart the service and the error will go away.
__________________
+++
Measuring SecurityPower since 2011.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:39 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
(c) 2010 PureSecurity - All rights reserved