yes it is, and from hcp report i got:

Description

Drop templates are enabled but SecureXL drops show 0 packets dropped due to templates

Suggested Solution

Solution #1

Consult with TAC for further assistance

I installed jumbo 41 in the lab the other day and Im super impressed with it. I know its not recommended yet, but something to think about. Btw, what did TAC say? Also, the approach I would take if I had this sort is issue is "parse" through the logs and see if specific IPs are dropped the most.

Best regards,

Andy

TAC confirmed that PRHF-31092 is included in JHF41.  Although, I don't see the PRHF listed here:  https://sc1.checkpoint.com/documents/Jumbo_HFA/R81.20/R81.20/Take_41.htm

TAC sent me the individual fix to install over JHF26, I reviewed that and found the PRHF noted.

Probably waiting until the new year to go to JHF41.

I definitely recommend take 41, I find it super stable, very impressed with it.

Andy

We are running take 41 here and faced the same issue. We observed ldaps connections being interrupted during every policy install, even with "keep all connections" enabled. Workaround was to disable acceleration "fwaccel off" (which you should only do for troubleshooting!).

TAC also provided the hotfix with ID PRHF-31092 which solved the issue. Still cannot find it in the release notes yet for any upcoming take, so I'll keep observing https://sc1.checkpoint.com/documents/Jumbo_HFA/R81.20/R81.20/R81.20-List-of-all-Resolved-Issues.htm

Apart from that, take 41 is running fine.

Regards
Thomas

Good to know PRHF-31092 hotfix resolved your issue.  PRHF-31092  was noted in JHF43 last I looked, but now it's gone....weird.(released 1/8, was not the recommended release, JHF41 is still recommended).   JHF45 is now latest, so - we'll probably need to install at least JHF43 to resolve or get clarification about PRHF-31092 to see where it went.

I asked to TAC and this is the answer:

The fix,  PRHF-31092 is yet to be integrated in T41 of R81.20. (Which is currently the recommended take).

For future reference, you could simply look for ID of the fix in the "list of resolved issues", which I'll attach below. 

Anyway, if i go to list of resolved issue there is no mention related to PRHF-31092. Any idea?

It was mentioned take 45 should be recommended soon, so hopefully all this will be included.

Best,

Andy

I think take 45 will be recommended take soon.

Andy

Hi kvdocp,

We found your article today. Let's say, same here. (we have MAESTRO)

Do we know the exact solution? We got a hotfix from TAC (fw1_wrapper_HOTFIX_R81_20_JHF_T41_844_MAIN_GA_FULL.tar) and we will install it tonight.

Does it solve the policy install problem?

Br

Ako

Hello Amit,

sorry but i forgot the problem on the customer, lot of months are gone.... anyway with latest hotfix everything seems to work good

i will ping you if the light bulb goes on in my head

thank you