Support Center > Search Results > SecureKnowledge Details
SmartConsole cannot connect to a newly created Domain after it was successfully migrated from a Security Management Server to a Multi-Domain Server Technical Level
Symptoms
  • SmartConsole cannot connect to a newly created Domain after it was successfully migrated from a Security Management Server into a Domain on a Multi-Domain Server.

  • The $MDSDIR/log/mds.elg file on the Multi-Domain Server contains:

    [MDS <PID> <TID>]@MDS_HostName[Date Time] CmaInterface::m_getCaFromCma_CB(<DomainManagementServerName>_._._<DomainName>)
    [MDS <PID> <TID>]@MDS_HostName[Date Time] HandleReply: Client returned -1 on cpmiopid 4, session will be closed
Cause

More than one Certificate Authority object were configured in the source Security Management Server.
There can be only one object of the CpmiInternalCaServer class, named "internal_ca".


Solution

This problem was fixed. The fix is included in:

.

If you choose not to upgrade, Check Point can supply a Hotfix. Contact Check Point Support to get a Hotfix for this issue.
A Support Engineer will make sure the Hotfix is compatible with your environment before providing the Hotfix.
For faster resolution and verification, please collect CPinfo files from the Security Management Server and Security Gateways involved in the case.

Hotfix installation instructions:
Refer to sk168597 - How to install a Hotfix.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment