Support Center > Search Results > SecureKnowledge Details
'config_system' command fails with 'Validating configuration file: Failed' error when configuring Smart-1 appliance as Multi-Domain Security Management Server
Symptoms
  • 'config_system' command (per sk69701) fails with 'Validating configuration file: Failed' error when configuring Smart-1 appliance as Multi-Domain Security Management Server

    Example:

    [Expert@Smart-1:0]# config_system -s &install_security_gw=false&install_mds_primary=true&install_mds_secondary=false&install_mlm=false&install_mds_interface=Mgmt&... ... --dry-run

    Validating configuration file: Failed
    Security Management must be true
    [Expert@Smart-1:0]#

  • If explicitly using the string &install_security_managment=true&, then the 'config_system' command fails with:

    [Expert@Smart-1:0]# config_system -s &install_security_gw=false&install_security_managment=true&install_mds_primary=true&install_mds_secondary=false&install_mlm=false&install_mds_interface=Mgmt&... ... --dry-run

    Validating configuration file: Failed
    Cannot enable provider while Security-Management is enabled
    [Expert@Smart-1:0]#

Cause

Configuration of Check Point appliances is determined by the /etc/appliance_config.xml file.

"Security Management" product is enabled by default on Smart-1 appliance, and this setting can not be edited.

By design, it is not possible to enable both "Security Management" product and "Multi-Domain Security Management Server" product on the same machine.


Solution
Note: To view this solution you need to Sign In .