- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Incoming and outgoing TCP sequence numbers should not be changed at the Check Point firewall. I have always asked myself how this can be explained and I have come to the following solution!
This can be checked with the following one-liner:
fw ctl zdebug + packet |grep -A 5 "==I\|==O" |grep -B 5 '<IP-ADDRESS>' |grep "==I\|==O\|Device"
Change the <IP-ADDRESS> in the one-liner to your device.
Please note that "fw ctl zdebug" can cause performance problems on firewalls.
More see here:
"fw ctl zdebug" Helpful Command Combinations
The oneliner is a little different at R77.30.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY