Support Center > Search Results > SecureKnowledge Details
1100 Appliances managed by SmartProvisioning get wrong VPN certificate
Symptoms
  • 1100 Appliances managed by SmartProvisioning get wrong VPN certificate, which causes VPN outage.

  • Security Management with 2 or more 1100 appliances / Security Gateways, managed by SmartLSM profile, may see invalid object ID in Security Gateway and SmartView Tracker logs.

  • VPN IKE debug shows that the certificate presented by the 1100 appliance is incorrect (refer to the subject of the presented certificate).

  • If Dynamic Objects are used in rulebase, then Security Gateway may drop traffic with "Invalid certificate" log.

Cause

When policy is fetched by the managed gateway, the Security Management Server sends an incorrect robo_gateway file, and VPN certificate may be wrong, as more than one gateway fetches policy.


Solution
Note: To view this solution you need to Sign In .