Recent Posts

Kamiar Sh
Hi , I have 3 cluster gateways managed by Gaia R77.30(complex network with 300 site-site VPNs and multiple server ) and I want to update IPS on each gateway and these are my questions: 1- what pre-requisite  needed before starting update? 2- what potential impact should I expect? 3-and how to troubleshoot if any impact happen ? 4-is there any… (Show more)
Vasil Genov
Hi all, relatively new to this, so in short, is there a way to export object database and firewall policy database form r77.20 to r80.10. We are replacing old FWs to new ones and we want to keep the same setup. We have new gateways and new management server.  thanks in advance. 
in Management
Jozko Mrkvicka
Hello mates,   I would like to have your opinion and some insight to the problematic which I am facing at the moment.   We have R77.30 SMS with 10 clusters. All of those 10 clusters are included in MyIntranet meshed community. On every cluster we have rule that will allow any connection from all other gateways within MyIntranet VPN community.  … (Show more)
Alex Gilis
I followed the superb walkthrough written by Danny Jung in order to establish a VPN between a Checkpoint 700 series (locally managed) and a central cluster of 5600 series gateways running R80.10.   While the setup worked, I encountered a rather strange issue, I could not troubleshoot a lot due to time and location constraints, and the customer… (Show more)
in Policy Management
Kevin Orrison
When you perform automatic NAT on an object, you have two options. You can select a single firewall/cluster or All. Is there any way you can select two or something like Policy targets using automatic? The only way I can find is by doing manual NAT rules. It looks like it will let you do Policy Targets.
in Policy Management
Bob Delinsky
I have a client that is moving away from a managed service provider that manages two of their gateway clusters (R77.30) via Multi Domain(Provider-1). The client wishes to build an internal SMS and manage the gateways themselves going forward. I am having trouble finding a Check Point SK for exporting CMA's from Multi-domain and importing into a… (Show more)
Jason Tan
Currently, I had two IPSec VPNs, using ISP A and B to go out, respectively on a third-party firewall. The peers were third-party firewalls too.   Assuming I wanted to migrate to Check Point firewall platform. Does Check Point firewall R80.10 support this kind of setup? If yes, where should I configure under IPSec VPN -> Link Selection subsection,… (Show more)
in General Product Topics
Jason Carrillo
After upgrading our MDS and MLM to R80.20, we are seeing average CPU increases across all of clusters after pushing policy to the gateways. It has become very apparent on one of our firewalls that is licensed for four cores.  The four gateways I am seeing this on are open hardware. I do have a pair of appliance based clusters that do not seem to… (Show more)
in General Product Topics
Josh B
Prior to upgrading a security management server to R80.10 and the latest jumbo hotfix, I had email alerts for certain events (CPU usage & and policy install, for example) working as desired using sk25941 & sk38929. After the upgrade, the emails are still received but the body of the email is blank. Does anyone have any ideas what to check?
Abdu Toku
I have a R80.20 installation. Is it possible to disable    CoreXL for a performance test.
in General Product Topics
Vincent Bacher
Hello mates,   i just used the healthcheck script on a productive system to see if it's useful and just got the first unsightly result:   +-----------------------+-------------------------------+---------------+ | Memory                | Physical Memory               | WARNING       | |                       | Swap Memory                   |… (Show more)
Hi Guys, I would like to seek for your expertise to check if my cluster have formed. I am a bit confused and no idea why in my Smart-1, cluster is showing an error but based on CLI, I can say that my 2x CP gateways is acting master and non-master meaning cluster is formed right? But some information is showing that it is down or lost of sync is… (Show more)
in General Product Topics
Kaspars Zibarts
Challenge description: our user general internet access is limited to proxy only or very specific "whitelisted" IPs could be accessed directly bypassing proxy, i.e O365. Up until October we were able to script simple network group with all O365 IPv4 addresses based on XML information from MS. That has been streamedlined now and many services have… (Show more)
in Policy Management
Load more items