"CRLs failed to be downloaded" error in SmartConsole when trying to connect to Management Server / SmartEvent Server
This problem was fixed. The fix is included in:
Check Point recommends to always upgrade to the most recent version.
If the updated SmartConsole build does not resolve the issue, there are a few other possible causes.
- Potential privilege problem when running on Windows operating system. Right-click on the SmartConsole icon and select - "Run as Administrator".
- The SmartConsole cannot communicate with the server on the required ports. Make sure you check netstat and see that the server is listening to the following ports:
- The server is a Secondary Management Server / SmartEvent / Log Server and SIC has not yet been established with the Primary Management Server.
- If the server is a Primary Management server, verify the CRL file exists in $FWDIR/conf/crls/ICA_CRL0.crl and you can access it in a web browser to http://<MGMT_IP>:18264/ICA_CRL0.crl
- The Windows machine IP address is not an allowed GUI Client.
- Try to mdsstop_customer;mdsstart_customer on the CMA
If none of the above apply, please collect the following debug files on your Windows machine and submit a ticket to Check Point Support:
Note: These debug files are special files for the CRL downloading scenario. None of the other scenarios of using SmartConsole need those files. Typically for collecting more info for the SmartConsole application, completely other files are needed. This is because the library which initiates download of CRL's writes to different files.
1. Open command-line on your Windows client and make it navigate to the folder where SmartConsole.exe resides, typically "c:\Program Files(X86)\CheckPoint\SmartConsole\R80.10" (or other versions).
2. Launch SCConfigManager.exe from the command-line window.
3. This command-line utility displays a list of options. Choose option "(3) TDERROR - Configure TDERROR debug level" by typing "3"
4. The next step asks whether to turn TDERROR option on or off - type "on".
5. From the command-line window, launch SmartConsole.exe
6. Attempt to login and have the problem reproduced.
7. Close the SmartConsole application
8. Repeat steps 3-4 but this time turn the TDERROR option "off".
9. The files are added to %localappdata%\Check Point\[version name] , or if you use SmartConsole in Portable Mode, the "Output" sub-folder right next to the SmartConsole.exe executable file.
Please include such files with your Support Ticket.