Showing results for 
Search instead for 
Did you mean: 
Post a Question

PDP/PEP Identity Sharing Not In Sync?

I will likely open a TAC case on this, but we noticed today that one GW using identity sharing today seems to not be fully in sync with the PDP. For example, if I run pep show user all |grep <username> on the PDP, I am able to see ...
Mike_Jensen inside General Management Topics 5 hours ago
views 28 5

NTP R80.10 2200 appliances will not sync

Has anyone else encountered this issue? I have several 2200 appliances running R80.10 with Jumbo Hotfix Accumulator 189 and I cannot get them to sync with any NTP server.  I have tried,, individual public NTP...
inside General Management Topics 7 hours ago
views 2278 18 8

Domain Objects (FQDN) - An Unofficial ATRG

In 2018 I wrote an internal (Check Point) unofficial ATRG that covers Domain Objects in a lot more detail than sk120633 covers. I've discussed this document with our developers and confirmed all the details and was given permission to share t...

Create rule from deny log

Hi,I get a question from one of my customer.It is possible to create a rule from dropped rule like pfsense ? We can create a host from an IP, I believe we can ...

CPUSE Deployment Agent build 1669 shows a strange image

Blink image of Check Point Now R80.20 Jumbo HF T13 is now available for download. File Name: blink_image_Check_Point_Now_R80.20_JHF_T13.tgz Package Size: 2433.5 MB Release Date: 20-Mar-2019 But what is this ? GW R80.20 3.1 has take 11, a R80.20 JT...
Sagar_Manandhar inside General Management Topics Friday
views 1639 10 3

Script to run migrate export backup

hi,How can we schedule the migrate export backup everyday and push it to another server with the backup file name with date. Tried with job scheduler but there we find some limitation.Regards,Sagar Manandhar
Muhammad_Ali inside General Management Topics Thursday
views 117 4

Can't Discard "SmartView Tracker" sessions on R80.20 SmartConsole

Is there any way to discard the old "SmartView Tracker" sessions on R80.20 SmartConsole? The only option I get is  "Disconnect" and that is also disabled. Find attached the screen shot below:Can't Discard Sessionwhereas I can "Discard" and "T...
Vladimir inside General Management Topics Thursday
views 67 1

Locking Out Policy Installation during Snapshots

Here is another scenario recently experienced in the field: Cluster of gateways got upgraded to the R80.20. Dedicated Gaia admin received version change notification and proceeded to snapshot the upgraded appliances. Check Point admin, meanwhile, ...
Vladimir inside General Management Topics Thursday
views 79 1 1

Shared Layers Annoyances

With R80++ we've got an ability to implement Shared Layers. It is an interesting feature that allows us to have common security parameters across multiple policies. Having used it for a while, I've bumped into this scenario: Client has multiple, g...
alfreska inside General Management Topics Thursday
views 262 5

R77.30 Evaluation Licensing Keep Getting Assigned Local License Type

Our hardware firewall failed at one of our sites and a new one is on the way, and in the meantime I am trying to deploy a VMWare version of R77.30. Our CheckPoint infrastructure is centrally managed with a SmartCentre management server.I generate ...

Check SIC status without SmartConsole on Management

Hello, I'm looking for Checking Sic Status on CLI instead of Smartconsole.I know how to set it on CLI on Management side. push cert commandsI know how to set it on CLI on Gateway side. cp_conf commands.I know how to check status on CLI on Gat...
Ze_Kai_Ng inside General Management Topics Thursday
views 137 4

Multi-Domain Server Syslog to CP Log Exporter

Hi, I am currently having an issue where the MDS server syslog is not being exported to our syslog server using Check Point log exporter. Check Point log exporter seems to be working well with exporting received firewall syslog messages but M...
G_W_Albrecht inside General Management Topics Thursday
views 1936 28 7

Blink, anyone ?

The sk120193 Blink - Gaia Fast Deployment gives details and tools for easy deployment of cleanly installed Check Point R77.30 or R80.10 Security Gateways. Has anyone used this method already and what were the experiences with it, also compared to ...
Hugo_vd_Kooij inside General Management Topics Wednesday
views 2447 21 5

Selective use of Geo Policies

I was trying to see if I can use Geo Policies more selectively in R80.10For example:I want only a few countries to start SSH to a server.I want to block certain countries from starting a SMTP connection.Has anyone figures out a way on how to do that?

SIC issue

Hi All On  distributed Lab enviornment, having 2 Security gateway, one's IP is and other's IP is SMS having IP Between both gateway internet is there. 1st gateway having internet facing IP