Support Center > Search Results > SecureKnowledge Details
"Upgrade to this version is prohibited. Use clean install" CPUSE notification Technical Level
Symptoms
  • "Upgrade to this version is prohibited. Use clean install" notification is displayed when the upgrade package is imported via CPUSE Gaia portal, while the same package in other servers/environments can be imported successfully.

  • The following messages can be seen in the DeploymentAgent.log file:

    "There is no ngm upgrade conditions set, but we temporarily decide to allow upgrade with old upgrade tools"

    [HIGH DALOG_NORMAL]: Verifier results for package Check_Point_R80.20_T101_Fresh_Install_and_Upgrade_Security_Management.tgz (Check Compatibility return value 0): Verifier results
    Package: R80.20 Fresh Install and Upgrade for Security Management

    Clean Install: Installation is allowed.
    Upgrade: Upgrade is allowed

    [DATE TIME][..]:nice -n 19 gtar -zxvf /var/log/CPda/metadata/CheckPoint#Major#All#6.0#4#9#R80.20_Mgmt/Check_Point_R80.20_T101_Fresh_Install_and_Upgrade_Security_Management_METADATA.tgz -C /var/log/CPda/metadata/CheckPoint#Major#All#6.0#4#9#R80.20_Mgmt/tmp/ 1>/dev/null 2>&1
    command summary:
    Return code = 2
    Output = [DATE TIME][...][HIGH DALOG_NORMAL]: Major_check::load configuration failed - can't validate package.
  • The following messages can be seen in the DeploymentAgent.log file: Starting Check Point services ... Verification failed: 1. To allow the upgrade operation, make sure that the primary server is Active, and the secondary servers are on Standby. Notes: 1. It is recommended to use the latest upgrade tools package. The latest package is installed automatically on online environments, for upgrade of offline environments refer to sk135172. 2. Only latest revision will be upgraded. It is recommended to publish important changes before upgrade. Unpublished changes will be lost. 3. Run the upgrade verification on all servers in your environment before you upgrade.
Cause

When importing the new upgrade package via CPUSE Online - "Check for Updates" the package metadata became corrupted during the download, therefore CPUSE cannot extract it and prohibit the upgrade/installation.

Checking the files in the metadata folder by running "ls -hlart /var/log/CPda/metadata/" shows that the files size is 0.

For example  /var/log/CPda/metadata/CheckPoint#Major#All#6.0#4#9#R80.20_Mgmt/Check_Point_R80.20_T101_Fresh_Install_and_Upgrade_Security_Management_METADATA.tgz)


Solution
Note: To view this solution you need to Sign In .