cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
lior_me1
lior_me1 inside Access Control Products Sunday
views 31 4

active directory users are not logged or honored in policy - r80.10

i've setup a domain, i've enabled identity awernessi've created an access rule, which based on a group that's containing the usersi've created a policy saying they can go to the internet, but when i try to access the web, the gaia is ignoring the ...
Patrik
Patrik inside Access Control Products Friday
views 61 4

Custom Identity Awareness settings not applying

Hello,I'm currently setting up identity awareness with the agent on our clients. I've got everything working with Kerberos SSO, and the logs are filled with AD user names. So far so good! Now I wanted to package this in to a .msi file that we can ...
phlrnnr
phlrnnr inside Access Control Products Thursday
views 16

Identity Awareness, password rotation, and gMSA (Group Managed Service Accounts)

A feature request for ID Awareness - to simplify password rotations on service accounts for Identity Collector or even LDAP account units, it would be great to see support for gMSAs (Group Managed Service Accounts).  These handle the password...
Aloke_Paul
Aloke_Paul inside Access Control Products Wednesday
views 15

Common DHCP Issue

Issue Description: Not getting IP from DHCP server. L3 configured on Checkpoint firewall.Action taken : Check TCP dump from gateway found that bootp request reaching to public IP.Check NAT rule for all LAN subnet found that it is hide behind gatew...
Mattia_Varone
Mattia_Varone inside Access Control Products Wednesday
views 62 5

Change the VSX internal communication network

Hi guys,I have to setup 4 VSX cluster in HA mode, and I would like to modify the internal dedicated communication network for each one VSX cluster. The default network is 192.168.196.0/255.255.252.0, and is a very large subnet. Could be ok dedicat...
MattDunn
MattDunn inside Access Control Products a week ago
views 59 4

Device distinction

Hi,Can the firewall distinguish between Apple IOS mobile connections and those connections initiated by a  browser/PC/MAC?  I'd like to apply slightly different policies depending on the type of device connecting...Thanks
Jarvis_Lin
Jarvis_Lin inside Access Control Products a week ago
views 117 6

Translate destination on client side

Hi CheckMates,Per sk85460 says:Detailed example:  Server side scenario: If the correct static host/network route for "Destination/Server" was added into the routing table of the underlying operating system, the packet will be r...
lior_me1
lior_me1 inside Access Control Products a week ago
views 143 12

rdp slow access between vlans

problem with rdp accesshangs on this window for a minute or two and then connectsany ideas what to look for?happens from every computer on a given vlan to another vlan on the checkpoint gaia appliance
Wolfgang
Wolfgang inside Access Control Products a week ago
views 47 1

VPN rdp probing with external managed device

Hello,with gateways managed by one SMS you are able to do RDP-probing for high availability of a VPN-tunnel beetween CheckPoint gateways. Works fine.But is this feature supported with an external managed gateway ? The other gateway is too a Check ...
Peter_Elmer
inside Access Control Products 2 weeks ago
views 179 5
Employee

Establishing trust based on signed certificates between Cisco ISE and ID Collector

Based on a video posted here I created a document showing how you can use certificates signed by a Microsoft CA to establish trust between a Cisco ISE and a Check Point Identity Collector.  Take your time to see the video and then the documen...
Nikhil_Patil
Nikhil_Patil inside Access Control Products 2 weeks ago
views 132 8 1

AD and Firewall integration

Hi,One of our customer has Bluecoat proxy(for bandwidth management + URL filtering) and Palo alto(Application fw + IPS)firewall in their network. Network flow  LAN users -->AD server -->Bluecoat proxy --> Palo alto firewall -->Int...
Vengatesh_SR
Vengatesh_SR inside Access Control Products 2 weeks ago
views 53 3

Maximum Policy Number's.

Hi Guys, We have 5600-NGTP device, we need to what is the maximum rule number can you added or supported by this firewall. And is the anyway to check for other devices also.I have gone through the datasheet but unable to get it.We are concerning i...
Amit_Singh3
Amit_Singh3 inside Access Control Products ‎08-29-2018 09:42:00 AM
views 6556 6 2

Site to Site VPN - Check Point R80.10 to Cisco ASA - Troubleshooting

Moderators Note: the original poster removed the origins content of this post. However, the replies to this post may be useful if you're trying to troubleshoot a VPN between Check Point and Cisco.
Silvan_Nyambu1
Silvan_Nyambu1 inside Access Control Products ‎12-09-2017 09:04:07 AM
views 357 4

High CPU usage on security gateway after R80.10 Fresh install

Hi, i am having a distributed environment of one Smartcenter and one security firewall both running on R80.10, but previously they were both running on R77.30I recently i did a fresh install of R80.10  on both the management and the Checkpoin...