Support Center > Search Results > SecureKnowledge Details
Policy installation fails with Management Data Plane Separation (MDPS) and User-Space Firewall (USFW) mode Technical Level
Symptoms
  • Policy installation on the MDPS Gateway fails with these errors in SmartConsole:

    "/opt/CPsuite-R80.40/fw1/conf/.pf", line X: ERROR: Duplicate keys  in table 'cluster_members_ids_by_ips'
    
    Notes:
    • FW/Cluster is running User-Space Firewall (USFW).
      To see the current mode:
      cpprod_util FwIsUsermode 
      cpprod_util FwIsUsfwMachine 
      (0=kernel, 1=USFW)
      
    • Management Data Plane Separation (MDPS) is enabled.
    • The issue only occurs after the user installs R80.40 Jumbo Hotfix Take 114 or above on the Security Gateway.
    • The issue occurs after the user presses "get interface with topology" or "get interface without topology".
    • The issue can occur after the user adds a new cluster with SmartConsole.
    • sk155952 does not resolve the issue.
Cause

Interface "mdps_tun" is pulled in the USFW setup even though it is not part of the topology. 

The issue does not occur on a non-USFW Gateway (kernel mode).


Solution
Note: To view this solution you need to Sign In .