Recent Posts

Ken Tyrrell
Is a 600 Appliance with an expired license still usable as a basic firewall/router? I have one where the license expired in February. It's only being used as an access point to segregate Public Wi-Fi usage at a library.   It was rebooted about 10 days ago and the Wi-Fi and routing are still working, but SNMP is now getting blocked and any edits… (Show more)
in General Product Topics
Vladimir Yakovlev
Jumbo Hotfix Accumulator for R80.10 (R80_10_jumbo_hf)    For those contemplating upgrade to Take_91: I've just borked my SMS by going from Take_70 to Take_91. No WebUI, ssh behaves weirdly and clish CPUSE uninstall is not working.   I am not implying that it is not a one-off issue, but keep it in mind and snapshot before JHFAs installations.…
in Management (R80.10)
Networker Networker
Hello we installed identity collector.and then i controlled to the users source.and i saw that firewall took users information both AD query and identity collector. Should ad query be closed?     Thanks
in General Product Topics
Hristo Grigorov
Sorry to hijack this thread but just wanted to mention that SmartConsole isn't very stable here. From time to time it hangs like that:   The program SmartConsole.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance… (Show more)
in Policy Management
Vlad Voronko
While testing a site-to-site VPN tunnel between CP80.10 and Cisco ASA, I noticed that right after I had configured the IPSec peer on CP80.10, I was no longer able to ssh to 10.0.14.101 (ASA outside IP) to manage the device. Then I looked into the logs on CP and found out that CP80.10 is trying to encrypt packets destined to ASA outside IP address… (Show more)
in General Product Topics
Danny Jung
  I always thought of having a simple Bash script that would allow me to run common Check Point CLI tasks without having to crawl for command cheat sheets, bookmarks, google, manuals, knowledge base etc. Moti Sagey's  Top 3 Check Point CLI commands thread inspired me to start this project, allowing everyone to suggest new enhancements,…
in General Product Topics
Rick Hellawell
Hi, Geo Protect question. Running R77.30 geo protect block log identifies hosts in 109.248.9.0/24 as Russian. RIPE has it registered as a UK range. How does that work? where does Checkpoint get its country list from?   Many Thanks   Rick Hellawell  
in Policy Management
Ayaz Ahmad
Hi, I am trying to upgrade our R77.30 management server to R80.10 using CPUSE. The OS upgrades fine and then when importing the database, it fails with "Failed during import process". I have tired this fix sk118795 but still no help.  I have attached the log file which was generated after the update failure.  In the log file I can see the… (Show more)
Gary Torrico
Hello guys,   I have a client that needs to perform all the Access Control, App Control and URL Filtering only with Access Role.   I need to know your experience about the limitations of doing all the police with Access Role. Especially for Source of the rule.   Thank you.
in Policy Management
Vedran B
I’m in doubt about applying VSX cluster and Virtual Systems (VSs) in case of internet access over two ISP providers. I have two internet links from two different ISP providers and two Public DMZs subnets from every provider. The picture below shows connections between equipment and two providers.   I have a plan to change two firewalls (FW01 and… (Show more)
in General Product Topics
Networker Networker
SecureXL is enabled, but the traffic is not accelerated. i restarted securexl.but the result not changed. corexl and ht are active. and we have performance problems.   [Expert@fw1:0]# fwaccel stats -s Accelerated conns/Total conns : 519/114126 (0%) Accelerated pkts/Total pkts   : 1306379/17442674 (7%) F2Fed pkts/Total pkts   :… (Show more)
in General Product Topics
Bryan Smith
What is the best practice for managing multiple clusters from one manager? Do all database changes show up across all policies even if they aren't referenced in the policy? Thank you.
in Policy Management
Vato Chantladze
Hi there, The question I still have from latest CPX2018 is the exact date when R80.20 will be officially released or at list EA?  We are waiting for some great features from R80.20 Including:  - Gaia OS will be based on RHEL 7.x distribution what should give countless benefits and features.  - R80.20 will support new ASIC's for 5000, 15000,… (Show more)
Load more items