All Activity

Trending
jessica smith
Where can I check the phase 2 encryption domain (locan and remote) on cli for existing vpn, is there a command for it?
in General Product Topics
Trending
Heiko Ankenbrand
Introduction   This drawing should give you an overview of the used R80 and R77 ports respectively communication flows. It should give you an overview of how different Check Point modules communicate with each other. Furthermore, services that are used for firewall operation are also considered. These firewall services are also partially mapped…
in Appliances and Gaia
Trending
Heiko Ankenbrand
Introduction   This document describes the packet flow (partly also connection flows) in a Check Point R80.10 and above with SecureXL and CoreXL, Content Inspection, Stateful inspection, network and port address translation (NAT), MultiCore Virtual Private Network (VPN) functions and forwarding are applied per-packet on the inbound and outbound…
in General Product Topics
Trending
Etheldra Frederick-Radde
Policy push breaks ssh session   Has anyone run into any issues where they are not able to log in using ssh into a CP firewall (77:30) after policy push. The only way to get back in with console the run fw unloadlocal in order to ssh back into the firewall. We use dynamic objects and all of the firewall IPs are correct. I have been looking at… (Show more)
Matters Most
Stuart Green
Hi,   Has anyone encountered this issue with the MUH Identity Awareness Agent running on Citrix servers?  Initial connection works just fine but then after a few days it just disconnects and stops forwarding identities.  Event log on the server says that it is connected but the agent doesn't report that.  Screenshot is attached.  There doesn't… (Show more)
Matters Most
Demith Samaraweera
Hi All   I have a strange issue, we have CP 5900 VSX VSLS cluster with 3 virtual firewalls, only one is active on node-1 and others are active node-2. We have coreXL and SecureXL enabled with only IPS blade enabled, strangely on node 1 there is one firewall worker taking lot of CPU   Also strangely ~70% traffic takes F2F path without any… (Show more)
in Appliances and Gaia
Matters Most
Christian Benitez
In previous versions, one could open the current policy, make 50 changes and then save it with a different name (usually, firewall.name.date). If there was an unforeseen issue (or management decision), one could rollback easily the old policy by installing the old version where everything was working as expected. How do you handle this situation… (Show more)
in Policy Management