Support Center > Search Results > SecureKnowledge Details
"Failed to connect to Check Point Anti Malware detection service" message in SmartView Tracker Technical Level
  • Some traffic is bypassed / dropped by Anti-Bot (depending on engine settings) with the following reason:

    Could not connect to x.x.x.x:8080.
    Failed to connect to Check Point Anti Malware detection service

  • SmartViewTracker shows alert logs from the URL Filtering blade: "Internal System Error occured" for HTTP sites.

  • The cpstat -f RAD_status urlf command shows: "Cannot connect to".

  • RAD debug (rad_admin rad debug on all) shows:
    [rad_http_response_runner.cpp:105] CRadHttpResponseRunner::run: [INFO] run chain 'CRadHttpResponseParseStatus' is ok, total read = 0
    [rad_http_response_find_content_length.cpp:130] CRadHttpResponseFindContentLength::run: [INFO] enter to ... 
    [rad_http_response_find_content_length.cpp:77] CRadHttpResponseFindContentLength::parse: [INFO] enter to ... 
    [rad_http_response_find_content_length.cpp:87] CRadHttpResponseFindContentLength::parse: [ERROR] 'Content-Length: ' is not found
    [rad_http_response_runner.cpp:94] CRadHttpResponseRunner::run: [ERROR] error running chain <CRadHttpResponseFindContentLength>
    [rad_http_response.cpp:71] CRadHttpResponse::handle_data: [ERROR] CRadHttpResponse:0x84a2d6c error processing response buffer
    [rad_connection.cpp:472] CRadConnection::CRadPender::handle_data: [ERROR] error processing http response
    [rad_connection.cpp:876] CRadConnection::handle_data: [ERROR] error reading: 0x840db58, _dlen = 256
    [rad_fwconn.cpp:1141] CRadFwConn::handle_data: [ERROR] error on data handle
  • Kernel debug (of APPI and RAD_KERNEL modules) shows:
    {policy} [ERROR]: appi_rad_uf_cmi_handler_match_cb_handle_url: rad_kernel_api_async_get_resource() failed, error: service is down;
    {policy} [ERROR]: appi_rad_uf_cmi_handler_match_cb: appi_rad_uf_cmi_handler_match_cb_handle_url() failed;
    {global} rad_kernel_api_check_service_status: service is down;
    {global} rad_kernel_api_async_get_resource_ex: RAD service is down;

The HTTP response packets arrive at the Security Gateway modified. For example, a 3rd party proxy server changes the header's fields order.

Note: To view this solution you need to Sign In .