Showing results for 
Search instead for 
Did you mean: 
Create a Post
General Management Topics

This space is the place to ask questions about Check Point's Security Management Appliances, Security Compliance, Upgrading your Security Management to R80.x, and more!

R80.30 Management : Empty action in custom report

Hello All,I have upgraded Management by changing from appliance R77.30 to open server R80.30. Migrate export are done (Gateway is R77.30 12600). Then I moved logs from r77.30 to r80.30 and set index in r80.30 to 365 days. I have some questions about report that I generated.1. In action count of firewall blade on custom report view, there are empty action show in table. what is the empty action ? please explain it. 
Azaad inside General Management Topics 8 hours ago
views 10

Unable to run pre_upgrade_verifier of R80.30 on R77.30 w

Am not able to run pre_upgrade_verifier of R80.30 on R77.30 windows server MGMT.I tried by checking permissions and creating folder in the upgrade tools also.Please help me in this and am attaching screenshot.     
Milos_Jovovic inside General Management Topics yesterday
views 1813 12

RAVPN Checkpoint securID authentication forwarding to RSA authentication manager

Hello Team,I was going through integration of securID RSA Auth. Manager with CheckPoint Cluster (2x5200 NGGW's with 77.30 Gaia on it).Made one object for checkpoint agent on RSA auth. manager console (with ip of CP cluster). What name i have to put here? There is written to put name of securID agent object in CheckPoint smart dashboard. What is that name (securID server object? or someting else?). I have configured External user profile with match-all-users option (is this correct? we need to forward all auth request to RSA Auth. manager. In CheckPoint endpoint security vpn client we have three fields (username, PIN and token)). We have one passphrase (PIN and token), for one user. Is this only one factor or two? I am confused here. I have configured this external user group to be part of new user group securid_user_grupa:I have put authentication sheme securid for this external user profile:I have put this user group in remote access community for RAVPN connections:I have put the same sdconf.rec file on both gw's in cluster (active and standby) on path /var/ace/Installed policy and authentication does not work, zero packets going from CP cluster to RSA auth. manager.In vpn debug log files there is error “Access denied - wrong user name or password”.It is like CP tries to authenticate users in internal user database in MGMT server.I off course put in GW>>>VPNClient>Auth.>>>auth sheme to securID (chose securID server object).Do I have to do cpstop/cpstart on gw's to make this work?Eny suggestion? Maybe I have to change in external user profile type to match by domain?Do i have to check this box omit domain name when auth. users?Thanks Everyone for help.Any help would be appreciated a lot.
yishola inside General Management Topics yesterday
views 162 6

R80.10 -> R80.20/30 Management upgrade issues

Hi There,I've tried various upgrade paths for my VM Management server (R80.10 take 462) to R80.20 or R80.30 without success. I've increased the disk space and extended existing space with lvm_manager - still no joys. Tried cli and cpuse and the errors are always about insufficient disk space. I seem to have a lot of space.Tried migrate export and space issue persists. Tried snapshot and though system says I need 9gb for snapshot (and I have 33gb free), snapshot is unsuccessful.What I am looking for is a process by which I can upgrade the server without CheckPoint snapshot or backup. I can use VM Snapshot as fallback in case I need to.LVM overview============                     Size(GB)     Used(GB)       Configurable    Descriptionlv_current  20                  9                    yes                     Check Point OS and productslv_log          20                15                   yes                     Logs volumeupgrade     22                N/A                 no                      Reserved for version upgradeswap           5                 N/A                 no                      Swap volume sizefree             33               N/A                 no                      Unused space------- ----total 100 N/A no Total size  

Cast (chromecast and Apple AirPlay) from different networks

Hi.I am setting up one Apple TV and one Chromecast in one of our conference rooms.They will be connected to our "device network". People should then be able to cast and share screen from "Internal Networks" as well from "Guest Network" and "PDA/Phone Network" to these devices.I guess I somehow have to enable multicast forward and then create rules allowing unicast to those devices from the different networks?Anyone who has any experience and can share some tips how to do this?Running R80.30 HAThanks/Tobias 
Don_Paterson inside General Management Topics Wednesday
views 14729 21 7

NAT Templates - SecureXL

Is it recommended to turn NAT Templates on?Why is it not on by default?[Expert@GW:0]# fwaccel statAccelerator Status : onAccept Templates : enabledDrop Templates : disabledNAT Templates : enabledNMR Templates : enabledNMT Templates : enabled
Moe_89 inside General Management Topics Wednesday
views 3458 7

"Certificate revoked" error when trying to login to SmartConsole. Cause: Corruption caused by unpredictable circumstances ?

A customer was unable to login to smartconsole with error "certificate revoked". Followed sk113744 which resolved the issue. But the given cause of the issue is "Corruption caused by unpredictable circumstances". What does that even mean ? Does anyone know the actual reason for this issue ?
Larry_Birch inside General Management Topics Wednesday
views 308 9 1

SonicWall Migration

Has anyone had any experience in migrating SonicWall policies into Check Point?  How do this as easily as possible, and lessons learned.  I understand that SmartMove will not work.  Thank you.
Kevin_Werner inside General Management Topics Tuesday
views 2890 9 1

80.10 to 80.20 Pre-Upgrade Verifier

I'm attempting to run the 80.20 pre-upgrade verification script on my 80.10 management server, but nothing appears to be happening when I execute it.  I've run the tool in the past with no issues so I am assuming there is a problem with my syntax.   I'm running ./pre_upgrade_verifier -p $FWDIR -c R80 -t R80.20 and am not getting an output.  The help doesn't list 80.10 as a possibility for the currently installed version so I'm partially wondering if its not supported.where the Currently installed version is one of the following:NGX_R65 (aliases: (aliases: R70_R70, (aliases: R71_R71, (aliases: R75_R75, (aliases: R75.20_R75.20, (aliases: R75.40_R75.40, (aliases: R75.40VS_R75.40VS, (aliases: R76_R76, (aliases: R77_R77, (aliases: R80_R80, file permissions for the entire upgrade pack are below-rw-r----- 1 admin root 19141755 Jan 22 10:00 Check_Point_R80.20_Gaia_SecurePlatform_Migration_Tools.tgz-rwxr-xr-x 1 105 80 893915 Dec 6 03:52 gtar-rwxr-xr-x 1 105 80 241318 Dec 6 03:52 gzip-rwxr-xr-x 1 105 80 9210256 Dec 6 03:52 ips_upgrade_tool-rwxr-xr-x 1 105 80 4636 Dec 6 03:52 1 105 80 14529536 Dec 6 03:52 migrate-rw-r--r-- 1 105 80 70783 Dec 6 03:52 migrate.conf-rw-r--r-- 1 105 80 107 Dec 6 03:52 plugin_pack.conf-rwxr-xr-x 1 105 80 8388116 Dec 6 03:52 plugin_upgrade_matcher-rwxr--r-- 1 105 80 19175 Dec 6 03:52 ppidb.conf-rwxr-xr-x 1 105 80 20965372 Dec 6 03:52 pre_upgrade_verifier-rwxr-xr-x 1 105 80 1468920 Dec 6 03:52 puv_report_generator

VMTools not auto-starting on R80.30

Hi, May be this is not the case for you but for me after I upgraded our management server to R80.30 it stopped to auto start vmtoolsd on boot. That is because vmtoolsd was missing in the list of services as confirmed by 'chkconfig' command. If that is the case for you as well then the fix is to run 'chkconfig --add vmtoolsd' followed by 'chkconfig vmtoolsd on' R80.30 Ongoing Take 111
Daniel_Taney inside General Management Topics Tuesday
views 268 12

Need To Perform Mass Modification Of All User Accounts Expiration Dates

It came to my attention today that I have a large number of user accounts expiring on 1/1/2020. Given the number, it would be best to update these en masse. I have seen a couple other posts where some folks were accomplishing this using a series of API requests / changes. However, I also came across this older sk article: sk522 Can anyone comment whether this is still a valid method on an R80.30 SMS? I'm not opposed to going the API route if necessary, but this method seems to accomplish the same thing in a single command. Thanks! Dan 

NAT Loopback configuration problem in R80.10

Hi I have problem to configure a hairpin NAT (NAT Loopback) on my system. I have a local Lan that is the wan side I have xx.xx.xx.107 that is where all “normal” traffic is using without any problem. I have xx.xx.xx.122 where I NAT https to an internal server.I can access the https NAT server from an external IPWhen I try to access the https external IP from an internal IP on the Lan side ( it is not possible to access the service. In the log file for the access control policy I get an entry that the client is going out to access the external ip. I do not get a log entry for denied or allowed for the access back to the https service. I have been reading the I do not it to work. The config I have in my NAT rules is according to the attached picture. What is it that I am missing?Is my NAT rules in the incorrect order?
Vladimir inside General Management Topics Monday
views 236 8

Identity awareness logging only logon and logoff events.

Now, this may sound funny to some of you that know me, but here it is: We are running Security Checkup in our environment and the 15400 all-in-one box that was configured to accept the traffic from the span port, blades enabled and IA configured. IA is working in terms of seeing AD objects when trying to define roles and we see the logon and logoff events in a SmartLog. AD query is working with adlog a dc and adlog a q ip returning proper values. There are, however no user or machine IDs int the rest of the logs. I am not involved in the hands-on aspects of this project due to rather dramatically expanded responsibilities in my current role, but would like to lend a hand to my guys that are involved with it. SE that Check Point assigned to the case stated that he has seen this behavior in one more Security Checkup he was running, but that the root cause was never determined. Another question is this: when running security checkup with all-in-one, does it make sense to have IA configured or is it better to have Identity Logging configured on the box. Is there a case where both should be configured?   Let me know if you have any suggestions. Thank you, Vladimir

Check Point Infinity Portal Admin Guide

Infinity Portal ( is Check Point's new cloud web management for its security services. Current services include CloudGuard SaaS, CloudGuard Connect and Endpoint Cloud Management. More services coming soon.   The new admin guide is available at   Looking forward to get your feedback on Check Point's cloud solutions and cloud-based management!

SmartConsole update torture

Until what century am I going to see this message? 😄