- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
After an successful(…) upgrade of an R80.20 Managment Server to R80.40 with CPUSE we installed policy to the main gateway/cluster. After that we had a major outage for many server communications.
What happened:
The Checkpoint upgrade process (re)created an object named “CP_default_Office_Mode_addresses_pool” with IP range 172.16.10.0/24 and “Automatic HIDE NAT” turned on.
( this object was deleted (long time) ago because it was not needed (no VPN) and in conflict with the “server” network)
The result:
Because this new/(“Default”) network object included IPs from the "server" network important communication from these servers where stuck because of turned on "Automatic hide NAT" ( there was no NAT before )
These broke a lot of important services immediately.
I know, this is not a new behavior – I know from experiences in the past for deleted “Default” objects/rulebases. I also found similar references (e.g. R75.30 - see end of page )
I do not understand, why CheckPoint is (re)creating this network object – including Automatic NAT - during an Upgrade?
At least I expect a warning or notice ( e.g. "pre_upgrade_verifiyer" …) !
With a decission to create this object R&D forces the customer to have big outages !
CheckPoint – please explain, why you need to create this object ?
Thanks
Martin
Hi @Martin_Hofbauer, my name is Eran and I'm a Group Manager in R&D, my team is responsible for the Management upgrade process. I'm sorry for your bad experience and for the business impact you had, and I'm taking it very seriously. I will sync with my team and with my colleagues in R&D to understand better what was the expected outcome and what went wrong. If you already opened a ticket to TAC please share it with me (privately). I will update you offline when we conclude the discussion, and afterwards I will share more info on this thread with everyone.
Hi,
I would like to update that a fix to this issue has been released.
The fix included in the following upgrade tools packages (or newer) :
R80.40 upgrade tools package 994000325
R81 upgrade tools package 995000409
Please follow sk135172 to download the upgrade tools package.
Thanks,
Itai
Hello everyone!
I recently encountered similar settings while migrating management from R81.20 to R82.00. I came across this post while looking for information on what could have caused these changes in the “CP_default_Office_Mode_addresses_pool” object, which appeared after the migration. Fortunately, this did not affect the company’s production environment. Because we don’t use the 172.16.10.0/24 network. But it did cause a bit of stress, as I only noticed this after applying policies on the new management console.
That’s why I want to inform the community that the issue has resurfaced. ) If you’re performing a migration, make sure to disable “Automatic HIDE NAT” after the migration.
You are commenting on a post that is almost 6 years old. You want to open a new discussion
No, I don't want to. But I thought the historical context of this issue would be relevant. I've resolved the issue for myself.
I think that's very valuable feedback. Thank you !
We now know that the current version still has the same behavior - nobody at CheckPoint addressed the issue ...
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 66 | |
| 19 | |
| 8 | |
| 6 | |
| 6 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 2 |
Thu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealThu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASETue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeThu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY