https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/166659#M30004 <P>Which version of management hopefully not R80.10 still as is no longer supported?</P> <P>In theory it can be disabled for Management machines (SMS), please consult with TAC for the procedure.</P> Wed, 04 Jan 2023 15:50:41 GMT Chris_Atkinson 2023-01-04T15:50:41Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/87575#M6759 <P>Hi Guys,</P><P>I just have my vulnerability report for my firewall and it turns out that I need to disable the IP forwarding mechanism in my CP.</P><P>Based on my understanding in general computer networks, IP forwarding is the process handling the packet transfers. If we disable it in the Check Point, how will the firewall transfer packets now? Is my understanding correct or is there something more deeper than that as far as Check Point firewall is concerned?</P><P>I was told to disable using this command,</P><P><EM># echo 0 &gt; /proc/sys/net/ipv4/ip_forward</EM></P><P>Thanks for your replies in advance.</P> Mon, 08 Jun 2020 08:01:03 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/87575#M6759 CyberBreaker 2020-06-08T08:01:03Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/87653#M6772 <P>Don't do that, unless you want to cause an outage.</P> <P>On a regular Linux server, turning off IP Forwarding in the IP driver is a perfectly valid recommendation in most cases.&nbsp; It is not appropriate to manually manipulate this value on a Check Point firewall.&nbsp; The Check Point code controls the state of IP forwarding, switching it from the default of 0 to 1 when Check Point services have started, and changing it from 1 to 0 when Check Point services are stopped or policy is unloaded.&nbsp;</P> <P>If you manually set it to zero, all traffic attempting to transit the firewall will stop working and be dropped by the IP driver just after inspection point I and just before inspection point o.&nbsp; Traffic to and from the firewall itself (i.e. SSH connections to clish/expert mode), HTTPS connections to the Gaia web interface, and firewall management operations will still work, but little else will.</P> Mon, 08 Jun 2020 19:26:12 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/87653#M6772 Timothy_Hall 2020-06-08T19:26:12Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/166642#M30000 <P>Hi All,</P><P>If this&nbsp;<SPAN>vulnerability was on SmartCenter. Should we config&nbsp;<EM>/proc/sys/net/ipv4/ip_forward value to 0?</EM></SPAN></P><P>Tkanks for a lot.</P> Wed, 04 Jan 2023 05:50:37 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/166642#M30000 Giga_Yang 2023-01-04T05:50:37Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/166659#M30004 <P>Which version of management hopefully not R80.10 still as is no longer supported?</P> <P>In theory it can be disabled for Management machines (SMS), please consult with TAC for the procedure.</P> Wed, 04 Jan 2023 15:50:41 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/166659#M30004 Chris_Atkinson 2023-01-04T15:50:41Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/166681#M30012 <P>Hi Chris,</P><P>R81 with JFH Take44</P> Wed, 04 Jan 2023 14:29:13 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-Forwarding-R80-10/m-p/166681#M30012 Giga_Yang 2023-01-04T14:29:13Z