cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Enterprise Appliances and Gaia OS

Have questions about Security Gateway Appliances, Gaia OS, CoreXL, SecureXL, or ClusterXL? This is where to ask them! This also includes legacy operating systems like SecurePlatform, IPSO, or XOS.

For Small Business Security appliances (600/700/1200R/1400/1500), see the SMB Appliances and SMP space.

reset user admin r80.10

good morning group, I have a problem I found the following sk163461 to be able to reset the admin psw since my client forgot it and it was not documented, only that at the time of mounting live centers I do not appear options, someone who can help me ??

http security server port

Hi How do you enable the http security server to listen on another port (default is 80)? I am trying to build a rule with service with resource and I dont think its matching because the target web port is 8080. Using R80.20 gateway.more $FWDIR/conf/fwauthd.conf......80 fwssd in.ahttpd wait -8
Zach_Rack
Zach_Rack inside Enterprise Appliances and Gaia OS 15 hours ago
views 1248 6

2 Factor authentication on GAIA?

Can we Implement 2 Factor authentication on GAIA ?
S_E_
S_E_ inside Enterprise Appliances and Gaia OS 17 hours ago
views 1685 6

How to identify transceiver / SFP+ adapter?

Hi,I'm looking for a command to identify if a SFP+ adapter has been inserted and if, which one.E.g. 5xxx / 15xxx series appliance.The "show asset all" does not really helpNumber of line cards: 1Line card 1 type: 2 ports 10GbE SFP+ Rev 2.0Something like this (guess the vendor) would be great"show interface ethernet 1/1 transceiver"dmesg command does not really help either.any ideas?Regards,

Restore snapshot from USB drive via CLI

Trying to restore a R80.30 snapshot image (stored on USB) via CLII have completed the following to mount the USB drive:mkdir /mnt/usbmodprobe usb-storagedmesgmount /dev/sdb1 /mnt/usbcd /mnt/usblsSnapshot image is named 80_30.tar.Then ran the following to import the image and revert:set snapshot import 80_30.tar path /mnt/usb/ name 80_30set snapshot revert 80_30After issuing the revert command, nothing seems to happen.  There is no on-screen messages or progress bars.Tried viewing snapshots using show snapshots but that returns nothing.Any help here would be appreciated.

DNS error affecting CP updates

Hello all.My second question here.  Hopefully I will supply all the necessary information.My organisation has a ClusterXL HA pair of 5900 appliances running R80.20 Jumbo HF take 118.  I have noticed on SmartConsole Gateways & Servers that the standby node is showing an error.  Looking at the Device Status of the node, the IPS, Anti-Bot & Anti-Virus blades are displaying 'Error: Update failed. Contract entitlement check failed. Could not reach"updates.checkpoint.com". Check DNS and Proxy configuration on the gateway'. I have connected via SSH to both nodes in the cluster and verified that I can ping external and internal endpoints from both nodes.  I entered Expert mode on both nodes and ran dig against a known internal and external domain name.  This was successful on the active node but failed on the problematic standby node with 'connection timed out; no servers could be reached'.I power cycled the standby node this morning.  I am now seeing Connection Alerts in the SmartConsole log for DNS queries originating from the problematic gateway.  The reason is 'Firewall - Domain resolving error. Check DNS configuration on the gateway (0)'.  We are not using domain objects.Both HA nodes have identical NAT and policy.I have reviewed DNS Error Message  but it does not appear relevant.It may be unrelated, but there is a noticeable delay between entering the username and the password prompt appearing when accessing the problematic node via ssh.I'm wondering what else I can test before pushing the issue out to TAC.Thanks,Andy

Enabled SecureXL means no traffic

Hi there,have anyone got problem with SecureXL after upgrade from R80.10 to R80.20?At beginning I thought that it might be a problem with NAT Templates, as they are disabled on 80.10 and enabled on 80.20 but it's not. I've turned them off and issue persist.Frankly speaking I don't understand what is going on. FW.log  shows everything is fine, rules are applied and working, but physically there is no internet communication.And here comes the miracle:When I turn off SecureXL everything goes as it should. I have already opened a Technical Assistance Case, but it looks like they suck more than I do (except one wonderful woman with which we found that SecureXL is an issue). So I decided to ask here, have you guys faced such a crazy issue?RegardsArek 

Replace/Upgrade Cluster

I currently have two 4800s in a cluster on R80.10. I am looking to utilize the same cluster name/configuration and replace these gateways with two 6500s on R80.30. I just wanted to brain storm on the easiest way to accomplish this. Also, seems like this should be a common ask. Are there any Check Point guides for something like this?

Upgarde to R80.30 keeps failig

I am upgrading management server in HA running R80.10 to R80.30. I have managed to upgrade the standby server successfully without any issues using CPUSE. the primary upgrade keeps failing with error " CPUSE encountered a problem while importing the package to the Gaia machine. try to import the package again. if the problem persist, contact check point Technical Service"I have tried to upgrade the DA to the latest version , but the upgrade keeps failing with error message "File is not DA package". can anyone help please ? 

Upgrade to R80.30 fails

Standalone full HA deployment running R80.10 in a test lab environment.Trying to upgrade to R80.30 using the following guide:https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_Installation_and_Upgrade_Guide/html_frameset.htmI've exported the R80.30_T200_Fresh_Install_and_Upgrade_Security_Gateway.tgz file from a separate (LIVE) firewall and imported this onto the 2nd cluster member as the cluster doesn't have internet connectivity.When attempting to upgrade (right click and selecting 'Upgrade') the installation fails shortly after.  Here is a copy of the install log:[11/08/19 - 15:44:59][18264 4126043024]:------ Installing: ------[11/08/19 - 15:45:00][18264 4126043024]:------ Validating Install: ------[11/08/19 - 15:45:00][18264 4126043024]:/var/log/CPda/metadata/CheckPoint#Major#All#6.0#5#0#R80.30_GW_T200/tmp//major.conf file is in wrong format, unknown key: NEW_UPGRADE_VERSION[11/08/19 - 15:45:00][18264 4126043024]:Error: Could not read config file /var/log/CPda/metadata/CheckPoint#Major#All#6.0#5#0#R80.30_GW_T200/tmp//major.confAny assistance with this would be greatly appreciated.  

Many logs "kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULL"

Hi team,We have a dedicated management in R80.30 and many gateway in R80.10 or R80.30From one gateway in R80.30 with JUMBO_HF_Bundle_T50, we have many the following error message:Oct 23 08:57:16 2019 Gateway kernel: [fw4_0];[A.B.50.1:316 -> A.B.6.3:0] [ERROR]: kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULLOct 23 08:58:57 2019 Gateway kernel: [fw4_1];[A.C.51.225:61106 -> A.E.3.201:49155] [ERROR]: kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULLOct 23 08:59:15 2019 Gateway kernel: [fw4_0];[A.C.51.225:61154 -> A.E.3.201:49155] [ERROR]: kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULLOct 23 09:06:28 2019 Gateway kernel: [fw4_1];[X.187.172.9:63237 -> 81.18.Z.123:443] [ERROR]: kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULLOct 23 09:08:16 2019 Gateway kernel: [fw4_2];[A.E.16.53:49458 -> A.F.2.200:60001] [ERROR]: kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULLOct 23 09:09:34 2019 Gateway kernel: [fw4_0];[A.E.102.224:49180 -> 18.X.169.249:80] [ERROR]: kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULLOct 23 09:10:05 2019 Gateway kernel: [fw4_0];[A.E.3.201:56124 -> 185.84.112.151:443] [ERROR]: kfunc_cmik_loader_execute_dyn_ctx: cmi_match_env is NULL These errors appear generally every 3/4/5 min, without SecureXL or not, we still have these logs. I have installed the Take_76, we still have these logs.My question is: Before to open a case to the TAC, does anyone has faced with these errors ? If so, what was the resolution?  Regards 

High memory usage

Hello,Wanted to share the issue we have with our gateway.  We have following blades enabled:fw urlf appi identityServer SSL_INSPECT content_awareness monAppliance is with 16gb, running latest R80.30.The problem we are having is that at some point memory usage increases sharply and it never comes down, unless we reboot appliance. This is causing issues to the traffic because some connections are getting disconnected during occurrence. I can't find in top (shift+m) any process which would contribute to this behaviour.I hope I am not alone with this issue, so please give a shout if you have something similar. Some of the occurrences from the past to show what happens: 

Message seen on /var/log/messages - "simi_reorder_enqueue_packet"

Hi there guys, I'm seeing this message  "simi_reorder_enqueue_packet" on /var/log/messages. Is this an indication traffic congestion? My network is  momentarily encountering intermittent application connectivity especially on VOIP. As usual, no drops are seen on tracker and zebug. Hope someone had encountered this.

ssh protocol with proxy

helloI have installed  checkpoint as a proxy server, and all users go internet with this proxy server.now i want  to pass ssh trafic via  proxy for some users, how i can do it ?i did it  as it is in a screenshot but still not  working .   

UserCheck block page content change

helloI want to to change the UserCheck block page content , how can i  do it , where is the location of this  ".Php" file in management server ?