During Login and during Push Notification, the Mobile Access gateway sends a token to the client.
Tokens sent by Mobile Access gateway are unique for each user and for each Mobile Access gateway. In cluster of Mobile Access gateways, each cluster member sends its unique tokens. As a result, token sent during a Login by previous Active member is not equal to a token sent during Push Notification by a new Active member.
This problem was fixed. The fix is included in:
Check Point recommends to always upgrade to the most recent version (Mobile Access).
For other supported versions, Check Point Support can supply a Hotfix.
A Support Engineer will make sure the Hotfix is compatible with your environment before providing the Hotfix.
For faster resolution and verification, please collect CPInfo files from the Security Management Server and Security Gateways involved in the case.
Hotfix installation instructions:
Hotfix has to be installed on each member of Mobile Access cluster.
Note: In cluster environment, this procedure must be performed on all members of the cluster.
- Transfer the hotfix package to the machine (into some directory, e.g., /some_path_to_fix/).
Unpack the hotfix package:
[Expert@HostName]# cd /some_path_to_fix/
[Expert@HostName]# tar -zxvf cvpn_<HOTFIX_NAME>.tgz
Install the hotfix:
Note: The script will stop all of Check Point services (cpstop) - read the output on the screen.
- Reboot the machine.
Related documentation and solutions:
- 01892881, 01892889, 01898695, 01898696