Hello Folks, I have an IPSEC tunnel configured on the given platform (see below). The tunnel peer is defined by IP address, not hostname. Tunnel config is default, Check Point as remote gateway (same platform, firmware etc), perfect forward secrecy with DH Group 2, no NAT. My problem is: The Tunnel won't come up without a public reachable…(Show moreShow less)
We have many 1100 and 1400 model firewalls that we have migrated over to Zscaler using IPsec VPN to send outbound internet traffic through the Zscaler datacenter for filtering. We are running only FW and VPN blades. The VPN is up and running, however, we are noticing very slow performance in speeds and file downloads. We have an open case with…(Show moreShow less)
They are probably making that bigger box recommendation more for the capabilities of full Gaia (i.e. not embedded Gaia) to deal with this situation. As a last resort try setting the MTU to 1300 on the external interface of the Check Point appliance and on the Zscaler if you have access to it. This is the equivalent of killing a housefly with…
Hey guys! A costumer wanted to configure a way to bypass captive portal authentication for a specific network on a locally managed 1400 appliance. I found sk117593, which suggests using hotspot. So I disabled User Awareness and enabled hotspot for the networks that require authentication. I then set configure radius to use the Active Directory…(Show moreShow less)
Author: Danny Jung Want more Check Point info? Read our tech blog! Q: What's the official product site ? A: Check Point 1400 Appliance | Datasheet | Support Center Q: What's the 1400 Appliance's SecureKnowledge article ? A: sk110985 | Release Notes | Known Limitations Q: Where can I find Getting Started Guides ? A: Centrally…
Our company just purchased a large quantity of firewalls and we're having issues with the units after firmware upgrade and pressing force member down in admin, neither firewall is available. Please see attached detail.
FYI the contents of the doc could have easily been included in CheckMates. We support inline graphics and the like For this one I recommend engaging with the TAC. I suspect it’s some sort of bug we will need to gather more detailed information on. Contact Support | Check Point Software
I have a 640 that I am using in a domestic situation and I have a couple of devices that expect to connect to WIFI using WPS. My first attempt was to set up a guest wifi locked down by MAC address but I could not get the devices to connect. Any thing else I should try? Thanks, Russell
I assume by WPS you mean WiFi-Protected Setup. WPS is not supported by the 600/700/1100/1200R/1400 series because it's not secure. The devices will need to be configured manually to connect to your WiFi network (or you need to configure it to be open). I would allow the device to connect to the network first before you enable MAC filtering.…
and I can't figure out what I should replace it with. There are vast numbers of different antenna available...Can someone give me a spec to look for? I have been pointed to this site http://www.superpowersupply.com/ and I am sure that one of the hundreds available will work! I'll buy two and replace both so they are match -- not sure if this…(Show moreShow less)
I can't find any specs on the antennas that we included with the 600 series. Anything with the correct connector should work just fine (in my experience) provided it is designed for 2.4Ghz. A pair of them is definitely a good idea
You can easily use the "fw log" command on your firewall management in order to check when a specific VPN tunnel was recently initiated and if VPN Phase1 (IKE) and Phase2 (IPSec) is still established on the firewall gateway in order to tell the uptime of the VPN tunnel.