News | CheckMates

Giancarlo Cotta Ramusino in SandBlast Network5 days ago (Show more)

Hi I understood that is possible to collect file for the emulator from Gateway, span port and MTA. I understood that MTA takes the role of the Exchange Server. But I found this slide that show a Exchange that send file to emulator. I'cannot find information that explain if Exchange Server can send file to emulator or not. Thanks for you help.… (Show more)

3 replies1 new updateShow more activity

Charris Lappas (to Giancarlo Cotta Ramusino) 51 minutes ago (Show more Show less)

Hi, If you current setup is for your MX records to be your Exchange server, then your Firewall with the NGTX with the MTA role will be your mail server. Then your FW will forward the emails to Exchange. For emails with attachments, the attachments will be send to the cloud for emulation or to your private appliance. So in short you are…

Actions

Alan Kong in Installation, Maintenance, and Upgrades2 weeks ago (Show more)

Unable to install CheckPoint VPN E80.83

Failed to install checkpoint VPN e80.83 on windows 10 pro. I encountered this error: Error 26630. Failed to copy driver While installing virtual network adapter and installling network driver. Previously I had some virtual network adapter issue in e80.82 and wanted to resolve it by installing e80.83. i am the administrator for the system… (Show more)

7 replies3 new updatesShow more activity

Alan Kong (to Kim Moberg) 54 minutes ago (Show more Show less)

Hi Kim, yes I just run the msi file. I am not in control of the endpoint mgmt server. Currently what is happening is we were required to install the Checkpoint Endpoint VPN client to access the VPN setup by our client by the use of username and password. So this is likely the later case. The issue I have might be related to some corrupted virtual…

Actions

Gianluca Giordano in Logging, Monitoring, & Event Analysis3 days ago (Show more)

management and logserver dbsync issue

Hi mates I meet a problem in all enviroment where management server and log server are separeted servers. The version is R80.10 The problem is related to log generated from new gateways. The logs are sent to the logserverbut they are not written in the database. During my investigation and debugging the daemon on logserver, I found out the… (Show more)

2 replies1 new updateShow more activity

Gianluca Giordano (to Tomer Sole) 1 hour ago (Show more Show less)

Hello Tomer it's 3-0224444371

Actions

Gomboragchaa Jamganjav in Management (R80.10)5 hours ago (Show more)

VoIP - Problem

I am trying to replace Checkpoint 1490 with 5200(R80.10). Unfortunately SIP is not passing through over checkpoint. It was dropping SIP 5060 port and I used SIP Security Rule for Proxy in DMZ Topology and created to related rules (from sk95369.) ( dropping packets Reason: post lookup verification failed. and fwconn_key_init_links (OUTBOUND)… (Show more)

1 reply2 new updatesShow more activity

Gomboragchaa Jamganjav marked Heiko Ankenbrand's reply as helpful

Danny Jung

in General Product Topics4 weeks ago (Show more)

DiagnosticsView - CPInfo Viewer

DiagnosticsView is a new Support Debug Tool for Check Point Support Engineers. It's a Windows application that replaces InfoView and offers a graphical representation of collected data from CPInfo. It's layout is highly adjustable and features the general R80 style. Panels can be re-sized, dragged and re-arranged. Thanks Check Point for… (Show more)

29 replies1 new updateShow more activity

Anna Fridman

(to German Khokhlov) 2 hours ago (Show more Show less)

Hi, Please refer to DiagnosticsView sk125092 for the tool description. Thanks.

Actions

Christian Stückrath in SandBlast Network7 days ago (Show more)

emulating encrypted office documents

Hi, I'm wondering, if TX will emulate office documents, which were encrypted using the hard coded "VelvetSweatshop" password. See: Encrypted Office Documents - SANS Internet Storm Center I cannot test this from here, as I'm not on-site at the moment...

7 replies1 new updateShow more activity

Maxi Pertus marked Charris Lappas's reply as helpful

tom7e9b57bc-4ab7-4226-9637-0b9701d64f46 in CloudGuard (Formerly vSEC)3 weeks ago (Show more)

Can you use a different Public IP for VIP than the one at deployment in a vSec Azure cluster?

We deployed a new vSec cluster in Azure a few days ago to upgrade our old one. Support said we could use the old public IP addresses so we moved them from the old resource group. They worked fine for the members, but in a failover, the API deletes "cluster-vip" and when it tries to recreate it on the new active member, it tries to find the… (Show more)

1 reply1 new updateShow more activity

Arin Rehman marked tom7e9b57bc-4ab7-4226-9637-0b9701d64f46's reply as helpful

Ryan Ryan in General Product Topics3 days ago (Show more)

Identity Awareness issue

Hi all, Having a lot of trouble getting IA working on terminal servers. I have the agent installed, it shows connected, it shows the username as authenticated. I go to smartlog, I can see a login event with the correct username and server name in the IA blade. I can also see my traffic is coming through with the correct source port range,… (Show more)

5 replies1 new updateShow more activity

Ryan Ryan (to Ryan Ryan) 2 hours ago (Show more Show less)

Hi guys, thanks for all the responses. In an unrelated issue, i had to reboot the firewall, after rebooting everything worked perfectly. 1 day later, its stopped working again. I have not installed that IA patch, but I guess I will if it will help pep s u q cid (IP) - shows the client username and access roles listed pep s u q usr…

Actions

Jozko Mrkvicka in Policy Management2 days ago (Show more)

Objects and Rulebases on R80.10

Hello guys, Simple question: Where are all Objects and Rulebases stored on R80.10 ? On R77 it was supposed to be in /opt/CPsuite-R77/fw1/conf/ and the files were "objects_5_0.C" and "rulebases_5_0.fws". AFAIK in R80 it should be in some table inside database. Is there any way how to access objects and rulebases directly from CLI ? Which table… (Show more)

6 repliesShow more activity

Tomer Sole

(to Jozko Mrkvicka) 3 hours ago (Show more Show less)

It is true that you can get the fwset representation for some of the objects, not all, by querying the postgres database directly. Few comments: 1. Check Point does not commit on maintaining this scheme, unlike mgmt_cli which keeps backward compatibility and has syntax versions. 2. Getting data directly from Postgres is unaudited. Your audit…

Actions

Wellington Mello in Installation, Maintenance, and Upgrades8 months ago (Show more)

Problem with upgrade via CPUSE R77.30 to R80.10

Hi all, I want to migrate my management via CPUSE, but when I did the verification there were many errors, but of all the fixes I have one that I can not solve, see below: Title: LTE services are not yet supported ----- * Description: The database contains LTE services that are not yet supported on the R80. 10 These LTE services will be… (Show more)

10 repliesShow more activity

Robert Mueller (to Dameon Welch Abernathy) 13 hours ago (Show more Show less)

Then I've run the "pre_upgrade_verifier" cat verification_tools_report.24Jun2018-113703.log Checking for installed components. This may take a few seconds. Please wait... Performing verifications on currently installed version ====================================================================== >>> Executing Source Version Upgrade Path…

Actions

Tom Thwaites in CloudGuard (Formerly vSEC)2 weeks ago (Show more)

Additional External IP (azure)

How do i add an additional external IP to the CloudGuard device in Azure. I've added the new IP in the Azure Portal and attached to the VM, but within the GUI the IP isn't being display? If i create a new alias within the CG GUI, i can't specify the IP as it doesn't allow for /32 within the subnet mask. Any help would be really appreciated.… (Show more)

12 repliesShow more activity

Kan Torres marked Tom Thwaites's reply as helpful

Luigi Vezzoso in General Product Topics4 days ago (Show more)

Distribute Office Mode IP ranges via BGP or OSPF

Is there a method to configure office mode VPN in interface mode? I need this configuration to require a static route for the VPN client IP ranges and redistribute them via BGP or OSPF.

8 repliesShow more activity

Kan Torres marked Petr Hantak's reply as helpful

Heiko Ankenbrand in Logging, Monitoring, & Event Analysis3 months ago (Show more)

R80.10 Syslog Exporter

Via Check Point Support you get a Syslog exporter for SIME applications for R80.10 Managment. Which allows an easy and secure method for exporting CP logs over syslog. Exporting can be done in few standard protocols and formats. Log Exporter supports: Splunk Arcsight RSA LogRhythm QRadar McAfee Log Exporter is a multi-threaded daemon… (Show more)

25 repliesShow more activity

Yonatan Philip

(to Biju Nair) 17 hours ago (Show more Show less)

Hello Biju, When you install the log exporter hotfix it adds the $EXPORTERDIR environmental variable. Since the hotfix doesn't require a reboot, you need to manually reset the ssh connection for the new variable to be added to your environment. Since you didn't log out the variable didn't exist when you tried to deploy it, and so it…

Actions