Recent Posts

Dirk Casomo
hi, i have 2000 plus list of IP addresses, how can i block them all bi directional blocking in my checkpoint firewall without typing all those individually?  
in Policy Management
Vincent Bacher
Hello Mates, we are just upgrading a bunch of R77.30 gateways to R80.10. Now we have detected, that the gateways connect to almost all other gateways for identity sharing. We just enabled identity sharing on some chosen gateways because we don't want and need sharing between all gateways. Does anybody facing this behavior as well or does… (Show more)
Greg Harewood
I've only just realized I don't know the answer to this after many years with the product.   Without SDF, the following happens:   Connection 5-tuple -> hash function -> last 8(?) bits determine bucket -> connection processed by fw with bucket   WITH SDF, what changes?  We know in particular that... Acceleration is neutralized It copes better… (Show more)
in General Product Topics
Sagar Manandhar
Hi, I need to implement the TE appliance and need answer to some query: - can i make the 1000X as standalone (check gateway and management at initial setup) and make it Local TE devices so that log are store in same device. - Do the gateway requires the NGTX license to point the dedicated TE 1000X appliance. - Can two different gateway point… (Show more)
in SandBlast Network
Sharma Prashant
Does Checkpoint support only Tunnel mode VPN only or we can use Transport mode as well for IPSEC...?   can we switch between them?   Any documentation can we  get it on this to get the clarity with example...?
in General Product Topics
Riawan Setio
After I migrate R77.30 to R80.10, smart log in R80.10 is not active. because before smart log not enable in R77.30 (I forgot to activate). How I enable it in R80.10? FYI, I can see log using Smart View Tracker (CPLgv.exe).#R80.10 #SmartLog
in Policy Management
Olga Kuts
We implemented CheckPoint and ArcSight integration (via OPSEC server, clear connection). What logs will be sent to ArcSight? For example, we try to log in via Endpoint Security VPN. In CheckPoint logs we see log in and log out events, but in ArcSight we see only log out events. Why?
in Management (R80.10)
Ian Flood
Please can you advise, where I can get an updated ipa file for the new version of Sandblast Mobile Enterprise client v2.70.3713? so I can update my Intune portal.   Previously this was sent to me via email.   Thanks
in SandBlast Mobile
Denis Clancy
Hi Folks,   I was hoping you could help me out with a query. I'm in the process of setting up a VPN to Amazon AWS. Following the checkpoint guide below.   Solution ID: sk100726 How to configure IPsec VPN tunnel between Check Point Security Gateway and Amazon Web Services VPC using static routes    I had a question around the statement below:  … (Show more)
in Cloud (vSEC)
Nelson Thoms
Hello, I am in the process of auditing the objects on an R77.30 mgmt. server and while I've found dbedit to be the best way to export the full object list, I am unable to determine if objects are used or not.  I realise in Dashboard we can filter on unused objects however since we have hundreds of results, and I cannot just delete stuff without… (Show more)
in General Product Topics
Dameon Welch Abernathy
Check Point SmartMove tool enables you to convert 3rd party database with firewall security policy and NAT to Check Point database. At the moment, the tool handles Cisco ASA (version 8.3 and above) configuration file and converts its objects, NAT and firewall policy to a Check Point R80.10 policy. The tool is planned to support additional vendors… (Show more)
in Policy Management
Kim Moberg
Hi I have a challenge with Mgmt log indexing in R80.10 take 56. In my SmartLog I can only look 14 days back in time, but in folder /opt/CPsuite-R80/fw1/log/ there are logs back to August 2017. How can I index the old logs so they are included in SmartLog? I have found sk77640 (SmartLog does not index logs that existed prior to SmartLog… (Show more)
Kaspars Zibarts
Just thought in case someone else is using Cisco VXLAN in their network and have MDS.   We run across issue where after MDS was started and all processes came up, none of the CMA virtual IPs where responding to gateways or HA MDS whilst main MDS IP work just fine. I can note that all IPs (CMAs and MDS) are in the same subnet - so only L2… (Show more)
Load more items