Recent Posts

Johannes Schoen
Click to view contentDear Community,   as an ISP we are monitoring our costumer environments throug IPSec tunnels from our datacenter. I don't know why, but two of our Check Point installations are strange - I cannot access the secondary node through IPSec - other sites work well with the same design. One troublemaker runs an old VRRP cluster (R77.30), the other on… (Show more)
Evgeniy Solovyev
Hello to all.   I know that there is a CP command to view the status of the management server loading (for example after reboot). When the server boots, command output says that the server is in the process of initialization. When the command indicates that the status of the server is working, you can connect by the console.   I used it in R80… (Show more)
in General Product Topics
CHINMAYA NAIK
Requirement: Exporting Check Point logs over Syslog (LogExporter) to SIEM. Dedicated SmrtEvent server with R77.30 GAIA OS Step 01: Check the current Hotfix install on SmartEvent server Using CLI: installed_jumbo_take and cpinfo -y all  Using WebUI: "Status and Actions"  section. Step 02: If take_338 or above is exit then skip this step…
Gorazd Baldovsky
Hi all, We run VSX 77.30 firewall with enabled IPS and HTTPS inspection. One HTTPS webpage uses large javaScript (.js) files, and the download is being dropped at 3.06 MB. I case we switch HTTPS interception off, everything works fine.   There is no special log in the tracker - just that the traffic was allowed and then HTTPS-inspected. There is… (Show more)
in Threat Prevention
b93417f3-d070-3a49-b70a-6fc8912efc50
Hello Checkmates,   Does anyone know if    - ISP Redundancy with more than two links (3 or more Internet links)  - Policy Based Routing (route to different ISPs for different types or traffic and from different subnets)   is going to supported anytime soon? There appears to be some enhancements in R80.30 for Advanced Networking in this regard… (Show more)
in General Product Topics
Erakul Siddharth S
Can anyone explain clear about NTP server in checkpoint, how it's getting synchronization with other server time?. Also Share the steps to proceed in GUI and command which used in CLI for clear understanding.
in Management
Heiko Ankenbrand
Click to view contentUnder R80.30 it is possible to encrypt CCP traffic.  This is very useful to protect the cluster from manipulated CCP packets.  Therefore new commands have been implemented on the CLI for this purpose. The following description shows you how to enable CCP encryption. All settings you make on the CLI are permanently stored in the following file…
in General Product Topics
Johannes Schoen
Hi Community,   I got a annoying strange behavior:   Perimeter Checkpoint, Transfernet to Core Firewall with topoloy RFC1918 networks. New VPN tunnel with a /24 net from 10.0.0.0/8 range.   Excluded tunneled network from address spoofing on external interface. Created a Group RFC1918 networks with Exclusion of tunneld /24 network. Set that… (Show more)
Jesus Cano
Hi,   I upgraded SMS (virtual) and gateways from R77.20 to R80.10. In SMS i did a clean install with migrate import.  The only doubt is about licensing. I didnt touch anything about licenses in R80 after upgrade was done, so i dont know if i should install/attach the licenses in R80.10 for SMS or GWs. So how can i know if the nodes are working… (Show more)
David Spencer
I've configured the global properties such that nac_agent_disable_quit has been enabled, however agents that are already deployed are able to exit the agent still. New deploys are correctly receiving this setting.   What have people done to ensure this setting is changed for agents that are already deployed?   Thanks
Vladimir Yakovlev
Can't find it in $CPDIR/conf/cp.macro:    CPSM-PU001-F-CLM   Specifically the -F-CLM portion.   Thank you, Vladimir
in Management
Tim McColgan
We are seeing an issue since we upgraded to client E80.83.5080. When a user saves an Excel file and chooses the File Type of PDF, an error will show up in Excel saying the document has not been saved. However, the strange thing is, the file will (sometimes) save. It seems that it saves when you try the save as PDF process after the first time with… (Show more)
in SandBlast Agent (Endpoint)
Load more items