- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Incoming and outgoing TCP sequence numbers should not be changed at the Check Point firewall. I have always asked myself how this can be explained and I have come to the following solution!
This can be checked with the following one-liner:
fw ctl zdebug + packet |grep -A 5 "==I\|==O" |grep -B 5 '<IP-ADDRESS>' |grep "==I\|==O\|Device"
Change the <IP-ADDRESS> in the one-liner to your device.
Please note that "fw ctl zdebug" can cause performance problems on firewalls.
More see here:
"fw ctl zdebug" Helpful Command Combinations
The oneliner is a little different at R77.30.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY