0 Replies Latest reply on Aug 28, 2013 1:35 PM by krzysztof.anzorge

    Control Center 5.3.1 connection problems during initial retrieve objects from MFE 8.3.1 HA Cluster (port 9005)

    krzysztof.anzorge

      Hi,

       

      I've tried to register (and get objects and rules) MFE 8.3.1 (HA Cluster) in Control Center 5.3.1.
      Firewall Cluster was registered OK (done from Control Center), but I can't retrieve objects from Firewall HA (on port 9005).

       

      On the firewall I have an error in the audit log:

      ==========================================

      2013-08-28 14:15:27 -0400 f_controlcenter_daemon a_libproxycommon t_servtraffic p_major
      pid: 1688 logid: 0 cmd: 'ccmdp' hostname: NODE01.mcafee.lab
      event: server traffic end application: Control Center Management
      netsessid: b41ce521e3e3f srcip: 10.0.0.199 srcport: 55938
      srczone: internal protocol: 6 dstip: 10.0.0.50 dstport: 9005
      dstzone: internal bytes_written_to_client: 0 bytes_written_to_server: 0
      rule_name: CC do FW cache_hit: 0 start_time: 2013-08-28 14:15:27 -0400

      2013-08-28 14:15:27 -0400 f_controlcenter_daemon a_libproxycommon t_attack p_minor
      pid: 1688 logid: 0 cmd: 'ccmdp' hostname: NODE01.mcafee.lab
      category: protocol_violation event: Redirect address required
      netsessid: b41ce521e3e3f srcip: 10.0.0.199 srcport: 55938
      srczone: internal protocol: 6 dstip: 10.0.0.50 dstport: 9005
      dstzone: internal rule_name: CC do FW
      ssl_name: <Control Center Server SSL Traffic> - CC do FW
      reason: A redirect address was required but not found.  This may be a configuration error, or it may be a probe attempt.  Connection closed.

      =====================================================

       

       

      The firewall policy that allows connections from Control Center IP (10.0.0.199) to Firewall Cluster IP (10.0.0.50) looks like this:

       

      CC_to_FW_rule.PNG

       

       

      Please explain to me why I have these problems.
      Maybe "CC_to_FW_rule.PNG" should be made in another way....

       

      Best regards

      Krzysztof Anzorge
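
A triage helper for the two audit entries quoted in the post, as an added example that is not part of the original post and is not vendor code: it parses each record into fields and joins the t_attack entry to the traffic entry with the same netsessid, so the rule, endpoints and byte counters of the rejected session can be read together. The field grammar (a lowercase name followed by ": ") and the function names are assumptions inferred from these two entries only.

```python
import re
# Audit entries copied verbatim from the post above.
SAMPLE = """
2013-08-28 14:15:27 -0400 f_controlcenter_daemon a_libproxycommon t_servtraffic p_major
pid: 1688 logid: 0 cmd: 'ccmdp' hostname: NODE01.mcafee.lab
event: server traffic end application: Control Center Management
netsessid: b41ce521e3e3f srcip: 10.0.0.199 srcport: 55938
srczone: internal protocol: 6 dstip: 10.0.0.50 dstport: 9005
dstzone: internal bytes_written_to_client: 0 bytes_written_to_server: 0
rule_name: CC do FW cache_hit: 0 start_time: 2013-08-28 14:15:27 -0400

2013-08-28 14:15:27 -0400 f_controlcenter_daemon a_libproxycommon t_attack p_minor
pid: 1688 logid: 0 cmd: 'ccmdp' hostname: NODE01.mcafee.lab
category: protocol_violation event: Redirect address required
netsessid: b41ce521e3e3f srcip: 10.0.0.199 srcport: 55938
srczone: internal protocol: 6 dstip: 10.0.0.50 dstport: 9005
dstzone: internal rule_name: CC do FW
ssl_name: <Control Center Server SSL Traffic> - CC do FW
reason: A redirect address was required but not found.  This may be a configuration error, or it may be a probe attempt.  Connection closed.
"""

HEADER = re.compile(r"^(\S+ \S+ \S+) f_(\S+) a_(\S+) t_(\S+) p_(\S+)$")
KEY = re.compile(r"(?<!\S)([a-z_]+): ")  # assumed grammar: lowercase field name, then ": "

def parse_records(text):
    """Blank lines separate records; line 1 is the header, the rest are 'key: value' runs."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        if not lines or not (m := HEADER.match(lines[0])):
            continue  # skip separators and anything that is not an audit record
        rec = dict(zip(("time", "facility", "area", "type", "priority"), m.groups()))
        for ln in lines[1:]:
            hits = list(KEY.finditer(ln))
            for i, h in enumerate(hits):
                end = hits[i + 1].start() if i + 1 < len(hits) else len(ln)
                rec[h.group(1)] = ln[h.end():end].strip()  # value runs up to the next field name
        records.append(rec)
    return records

def correlate_attacks(records):
    """Attach the byte counters of the matching traffic record to each t_attack record."""
    traffic = {r.get("netsessid"): r for r in records if r["type"] == "servtraffic"}
    out = []
    for a in (r for r in records if r["type"] == "attack"):
        t = traffic.get(a.get("netsessid"), {})
        sent = int(t.get("bytes_written_to_client", 0)) + int(t.get("bytes_written_to_server", 0))
        out.append({**a, "payload_bytes": sent})
    return out
```

For the entries above, correlate_attacks(parse_records(SAMPLE)) returns one finding with payload_bytes equal to 0: no data was written to either side of session b41ce521e3e3f before it was closed.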