Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
I have several issues with SecureXL at one customer environment and we also have a TAC case open.
My question is:
| What is the official way to permanently disable SecureXL in R81.10 and R81.20? |
I have already test the following:
1) Disable SecureXL in the fwstart script.
$FWDIR/bin/fwstart
$CPDIR/bin/cpprod_util FwSetSecureXL 0 --> disable SecureXL permanently
>>> This causes SecureXL to be set to the "not init" (see picture) state and the firewall does not work at all.
2) Disable SecureXL via crontab at boot and script
#!/bin/sh
sleep 60
source /etc/profile.d/CP.sh
/opt/CPsuite-R80.30/fw1/bin/fwaccel off > /dev/null 2>&1
exit
>>> As a result, SecureXL will work for about 80 seconds until it is turned off.
For the 80 seconds, there may be a malfunction of the operation.
3) Disable SecureXL via Boot-Script:
echo "fwaccel off" >> /etc/init.d/cpboot
>>> As a result, SecureXL will work for about 20 seconds until it is turned off.
For the 20 seconds, there may be a malfunction of the operation.
4) In R80.10 and below, SecureXL can be permanently disabled through the CPconfig utility. See sk41397
>>> Is therefore also not a solution for R81.10/R81.20
