Dear Mates I need your urgent help. I have enabled IPSec blade on one of our clusters, and I now need to disable it because it mays be causing some issues with another IPSec that we use from a vendor within our network. When I try to disbale IPSec, itshows the message on the image bellow: When I check where used, it shows all the… Show more
Hi, Has anyone encountered this issue with the MUH Identity Awareness Agent running on Citrix servers? Initial connection works just fine but then after a few days it just disconnects and stops forwarding identities. Event log on the server says that it is connected but the agent doesn't report that. Screenshot is attached. There doesn't… Show more
Hi Stuart, The agent installed is R80.102.0000 We have AD and TS enabled. For Identity agents, did you just enable it with default setting or modified them. I've also noticed that for any TS agents that are connected, no username information is seen on logs. Seems like the whole solution is not working. Sajid
In previous versions, one could open the current policy, make 50 changes and then save it with a different name (usually, firewall.name.date). If there was an unforeseen issue (or management decision), one could rollback easily the old policy by installing the old version where everything was working as expected. How do you handle this situation… Show more
Hi Sebastien, We continue to recommend to run the Gateway-level revert by clicking "install previous revision" from the "Policy Installation History". This makes the Security Management Server silently log into that previous Management revision, collect all the data from it - including rules, objects, gateway settings, topology etc., and…
This may be a dumb question, but I couldn't find any other relevant posts that existed before asking it... Is there a way to see how far back your SmartLog Indexes go in R80.10? Back in the R77.30 days, it used to just show up at the bottom of the SmartLog app. I don't see anywhere in the GUI to display that anymore? Thanks! Dan
Hi Expert, I am doing for one project Upgrade from Splat R77.30 in Smart1-5 production appliance to Gaia R88.10 in new Smart1-410. Please kindly advice it how to better way to upgrade for this above scenario. I am not able to find for the correct image at CP user center of Upgrade wizard guide. From my approach is as per below: 1. … Show more
Hi, I'm using the Logs & Monitor of Domain Management Server ( R80.10 ) on a VS ( R77.30 ). I'm looking for the field name of "Xlate (NAT) Source IP" to use in the query in Logs & Monitor. (Already tried filtering using the "Copy Rule UID" of the NAT rule and using it with fieldname rule_uid. ) The drop down list of "other fields" I hope… Show more
I have a few hundred host objects that I need to rename. The hosts are called site2_xxx_xxx but need to be site3_xxx_xxx. What would be the best way of doing this? I am assuming the API is an option given I am on 80.10. Thanks Jon
Hey, Just add the necessary information to a csv file, set up the csv like this: name, new-name site2_xxx_xxx, site3_xxx_xxx site2_xxx_yyy site3_xxx_yyy site2_xxx_zzz, site3_xxx_zzz and so on... (Use quotation marks if the object names contain spaces) Afterwards place the csv file on your SMS (or the management PC, which is used to…
Hi Checkmates. I recently explored the option of exporting our checkpoint firewall security policies using the Web Visualization Tool as recommended by checkpoint. I was able to convert the outputs to readable formats However, it seems to not give us enough information, i.e. I cannot see the IP address objects, or node objects. From the… Show more
Dear CheckMates, My name is Sharon, and I run the usability testing in Check Point’s R&D. Our goal is to validate the quality of the User Experience of our products. We do that in one-to-one Zoom sessions with our customers and partners. A typical session lasts up to a 1 hour. In these sessions, our R&D experts share upcoming features, and… Show more
Dear Checkmates, I did static NAT and the required policy to reach a web server in my Network but i still cant reach the webserver. I ran a zedebug command and the following popped up: "dropped by fwpslglue_chain Reason: PSL Reject: aspii_mt" Please How can i fix this?
I'd like to change all my LOM passwords using ipmitool via the API using run script. The issue I'm facing is the new password will be visible in SmartConsole when looking at tasks that have been run. Is there a way to delete or hide certain tasks so we can keep certain data safe (like passwords)?
Hi, Sometimes, the fw_full process seems to be on 100%. Please refer the attached screenshot. I found the SK regarding this issue but still I thought of asking in this Community. Has anyone faced this issue? If yes, please help me resolve this issue. Thanks in advance. Sincerely, Nischit A.
Load more items
My goal is to convert a standalone R77.30 4400 appliance into a gateway for a Distributed license Security Manager Hyper-V VM that'll do management, reporting, logs, etc. We only have the one 4400 in place at the moment so downtime is an issue. As I understand it, I should migrate the standalone configuration to distributed first (using the… Show more
These were the some of the articles that I used to begin the migration. There are so many disparate but possibly related articles that I came across alternating solutions that confused the issue (they probably referred to different versions). SK61681 - The main issue here was that it seems to require modifying the existing (sole) gateway device…