General Topics

Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET

Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET

Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall

Learn More

HTTPS Inspection
Help us to understand your needs better

Take the Survey

CheckMates Go:
Spark Management Portal and More!

Listen Now

Create a Post

RECENT POSTS

MOST POPULAR

FEATURED POSTS

inside

Admin

26599

Domain Object when FQDN has multiple DNS results

26499

inside

Contributor

26100

Configuring CLuster XL step by step

26099

inside

Advisor

25999

SecureXL is enabled, but the traffic is not accelerated

25599

Solved

inside

Collaborator

25500

High CPU after upgrade from 77.30 to 80.10

25000

Solved

inside

Collaborator

24900

ICMP reply does not match a previous request

24900

inside

MVP Gold

24899

Stealth rule vs Management Rule

24499

Solved

inside

Advisor

24399

R81 - SNMP does not support SHA1 anymore

24399

inside

Contributor

24099

FW-1: [cul_load_freeze][CUL - Cluster] CUL should be OFF...

23900

Solved

inside

Participant

23800

Can't access SmartConsole ("Unable to connect to server") but can access WebUI...

23800

inside

Participant

23500

How can I find Throughput statistics?

23500

Solved

inside

Advisor

23196

R80.10 gateway, can't set sim_clamp_vpn_mss

23099

Solved

inside

Participant

23099

What's different meaning of Redirect, Detect, Drop, Block and Prevent?

23099

inside

Contributor

23000

Get all the Gaia version and installed jumb hotfix

22399

Solved

inside

Collaborator

22299

Aruba Clear Pass Integration - API

22200

inside

Participant

22100

HTTPS inspection with trusted certificate

22100

inside

Participant

22100

R80.40 - Dynamic split of CoreXL

21999

Solved

inside

Collaborator

21900

Dedicated routing table of Mgmt Port Require In checkpoint which is not available in present device

21900

inside

MVP Gold

21899

Update R80.20+ Security Gateway Architecture (Logical Packet Flow)

21899

inside

Advisor

21799

Best practise - How often do you patch/upgrade your gateways?

21799

inside

Collaborator

21799

How to get interface status of particular time slot

21799

inside

MVP Gold

21700

Check Point Site-to-Site VPN Compatibility Matrix

21700

Solved

inside

Contributor

21699

R77.30 Take 286: New Jumbo Hotfix GA Release

21698

Solved

inside

Collaborator

21698

How to handle core-dumps and crash dumps

21698

inside

Explorer

21300

how to check VPN phase 1 and phase 2 status?

21300

inside

Participant

21299

Monitoring standby member in a cluster

21299

inside

Contributor

21199

CheckPoint redirect to IP address 62.0.58.94

20998

inside

Champion

20866

logical interface as next hop for routes on cluster members that DO NOT use VIPs in different subnet

20866

inside

Contributor

20800

R80.40 IPSEC VPN shows stuck at Phase I but is fully operational

20800

inside

Contributor

20800

Discovering changes in topology table

20800

inside

MVP Gold

20799

"Max Power" Book Second Edition Released!

20799

inside

Explorer

20699

Policy Based Routing and default route / features

20699

Solved

inside

Contributor

20600

Finding root cause for all the F2F traffic

20600

inside

Advisor

20400

Outbound SSL Inspection: A war story

20400

Solved

inside

Explorer

20299

Security Gateway Performance Optimization Excerpt

20299

inside

Participant

20200

Both security gateways are active in the Full HA cluster

20200

inside

MVP Gold

20199

HP Server DL360/380 G9 reboot issue!

20199

inside

Advisor

20099

How to see what firewall rules match some traffic

20099

Solved

inside

Participant

19900

How to check ThreatCloud URL Reputation?

19899

inside

Advisor

19800

Problem IP Sec VPN Checkpoint > Juniper no response from peer. IKE failuret

19721

inside

Participant

19665

All Products and Where To Post About Them

19599

inside

Collaborator

19599

Gaia Portal shows blank page after log in with Firefox 5x or Chrome 66 - Fixed in sk121373

19599

inside

Participant

19599

Site-to-site vpn Tunnel to a non Checkpoint Gateway

19599

inside

MVP Gold

19500

Check Point Support Resources - Top 10

19500

inside

Advisor

19400

Remote Access VPN in a Load-sharing Cluster Environment

19400

inside

Explorer

19399

Packets from IPSec tunnel were dropped. It seems there is an issue on the coreXL connections table

19399

inside

MVP Gold

19399

Which version is better? R80.10 or R77.30

19399

inside

Contributor

19399

static NAT vs hide behind an IP

19399

inside

Admin

19399

R80.30 Early Availability Program is started!

19399

Solved

inside

Contributor

18999

How to show the active connection to a specific host

18999

inside

Collaborator

18999

Let's create Check Point Super Cheat Sheet

18999

inside

Contributor

18999

How to list arp table and identify network devices with mac under Check Point FWs

18999

inside

Explorer

18913

Checkpoint 5600 - Alternative Virtual Appliance options for on premise deployment?

18913

Solved

inside

Advisor

18899

Hide NAT: Simultaneous Connections to the same destination

18899

inside

Collaborator

18899

Pulling FW data fron MDS using a script.

18899

inside

Admin

18827

TechTalk Special Edition: The Apache log4j Vulnerability Explained

18827

inside

Admin

18800

R80.30 Technical Update TechTalk

18800

inside

Participant

18799

Types of NAT used in checkpoint firewall

18799

Solved

inside

Collaborator

18799

DNS Resolution failing but ping to IP address is succesful.

18799

Solved

inside

Champion

18700

Gateway behind NAT. What limitations am I to be aware of?

18700

inside

Contributor

18700

How can I setup a primary and backup S2S VPN tunnels

18700

Solved

inside

Advisor

18699

Disable NAT on SIP payload - breaks ICE

18699

inside

Admin

18699

Upgrading form R81.10 to R81.20

18599

Solved

inside

MVP Gold

18400

R80.20 Issue : Monitoring standby cluster members via VPN

18400

inside

Champion

18400

Configuring dynamic routing in clustered VSX

18400

Solved

inside

Contributor

18399

RSS feed for checkpoint.com is not working any more

18399

inside

Participant

18300

Can you explain the impact of using fwstop and cpstop ?

18300

inside

Participant

18299

IPSec Tunnel Failing to establish

18299

Solved

inside

MVP Gold

18299

Check Point Clustering between two Datacenters

18199

inside

Contributor

18198

Increasing Fifo Buffers on Firewall Interface

18198

Solved

inside

MVP Gold

18100

Custom URL matching with HTTPS categorization

18000

inside

Advisor

17999

Activating Identity Awareness to Intergrate AD

17999

Solved

inside

Contributor

17800

Identity Awareness Agents SK with direct links - published!

17799

Solved

inside

Employee

17799

Tip of the week: Support Center's Upgrade Wizard

17799

Solved

inside

Collaborator

17799

Blocking for specific file types in Check Point Firewall

17799

inside

Explorer

17799

ISP Redundancy (load sharing) issue in R80.10

17799

inside

Explorer

17797

What is route and how to configure route?

17797

inside

MVP Gold

17700

Check Point Support Tools - Top 10

17700

Solved

inside

Participant

17699

R80.20 strange behaviour - random TCP session timeout values - fw ctl conntab

17699

inside

Explorer

17699

Verify Enabled Cipher Suites in HTTPS Inspection

17699

inside

Advisor

17600

Do any Checkpoint appliances offer SSL offload?

17600

inside

Champion

17600

Identity Awareness getting DC Name only

17600

inside

Collaborator

17599

Check Point Deployment Shell internal error

17599

inside

Advisor

17599

Stateful Inspection on Gateways

17599

inside

Explorer

17599

Untrusted TLS/SSL server X.509 certificate

17500

inside

Collaborator

17499

JHF 317 breaking sync connection and not coming back up

17499

inside

Contributor

17400

Domain object is not working in R80.10 properly

17399

Solved

inside

Participant

17399

Https inspection Validation error

17299

inside

MVP Gold

17299

Open Server - HCL for multi queue network cards

17299

inside

Collaborator

17297

SecureXL R80.20 - Issue on ALL High TCP Ports

17297

inside

Employee

17147

Showing logs "Missing OS Route" when place new CP Appliance (Suspect ARP issue)

17000

inside

Advisor

16999

LDAP Authentication failed in SSL VPN

16999

inside

Participant

16999

syn-ack on every IP address on port tcp_80 during vulnerability scan

16999

inside

Collaborator

16998

Report show spam category with "accept" actions but not blocking

16998

inside

Explorer

16899

Combine VLAN and physical interface, which already has an assigned IP

16899

Solved

inside

Contributor

16805

Delete a specific connection entry in Checkpoint Gateway

16799

inside

MVP Gold

16701

Performance of a single connection ?

16701

Solved

inside

Advisor

16699

CheckPoint TLS 1.3 support: When?

16699

inside

Contributor

16699

Application database update failed

16601

inside

Advisor

16600

NAT Exhaustion - Hide NAT failures

16600

inside

Advisor

16600

What does high si mean on a FW Worker core?

16600

Solved

inside

Collaborator

16599

Unable to open URL Categorization link

16599

Solved

inside

Contributor

16591

upgarde to R80.30 using CPUSE failing

16591

Solved

inside

Participant

16499

Request for VSX training Videos R80.10 or R77.X

16400

Solved

inside

MVP Gold

16299

R8x - Gateway Performance Metrics

16299

inside

Explorer

16199

Creating multiple VPN site to site connections on CheckPoint

16199

inside

Advisor

16199

URL Filtering and Application Control in my R80.20 not dropping categories

16199

inside

Collaborator

16134

ISP Redundancy & Policy Based Routing

16134

inside

Employee

16099

sk164752 - Installing DOOM on Gaia

16099

inside

Contributor

16099

Unable to connect to the checkpoint cloud check dns, gateway, proxy sever.

16099

inside

Participant

16000

Best Practices for Identity Collector Architecture

16000

inside

Contributor

988

Brute-Force Attack on Check Point Mobile VPN: Multiple IPs and Fake Usernames

988

Solved

inside

Collaborator

998

Firewall - Automating Firewall Rule Cleanup Based on Usage

998

inside

Employee

989

CVE-2025-45582 - tar: Tar path traversal

1102

Solved

inside

Advisor

243

Peer certificate verification failed after certificate replacement

243

Solved

inside

Contributor

19049

How to list arp table and identify network devices with mac under Check Point FWs

19049

Solved

inside

Explorer

586

Remote Access VPN – Can specific routes be assigned to particular users?

586

inside

MVP Gold

1182

R8x - Performance Tuning Tip - Appliance Sizing

1182

inside

Participant

3726

SMS Upgrade from R81 to R82 : Migrate export Warnings, S2S VPN

1209

Solved

inside

Contributor

406

add rule to policy via mgmt_Cli fails

406

inside

Explorer

245

Behaviour after regular contract/subscription expiration

297

Solved

inside

Advisor

542

Log file isn't shown automatically after upgrade to R82

542

Solved

inside

Explorer

455

How to perform manual fail-over between instances of Virtual System in VSX cluster in VSLS mode

455

Solved

inside

Explorer

1270

Migrating from Check Point 3600T to Quantum Spark 1600,Need Help with VPN User Certificate Migration

1270

inside

Participant

720

7000 appliance R81.20 iSO image install

720

inside

Explorer

162

Unable to take ssh for MGMT Port

162

Solved

inside

Advisor

344

Updatable (geo) objects and IP addresses, again

344

Solved

inside

Advisor

779

Renaming a Gateway Node in a Cluster

779

Solved

inside

Advisor

406

Best Practices for Upgrading an HA Cluster from R81.10 to R81.20

406

inside

MVP Gold

257

R82.10 - Hardware Security Module (HSM) for TLS 1.3

257

Solved

inside

Advisor

2782

How do you keep track of the latest FW/OS updates?

2782

Solved

inside

Advisor

1515

Manual FTP transfers are always corrupted while scheduled backups are not

419

inside

Employee

168

Estimated R82 release recommended date?

3056

inside

Collaborator

3518

Anti-bot Update failed. Contract entitlement check failed. Gateway can not access internet

3518

Solved

inside

Explorer

331

Monitord process consume high cpu, does it safe to terminate the process during production hour?

331

inside

Collaborator

742

We want to upgrade our management station from R81.20 to R82 and followed by the upgrade of Gateways

801

Solved

inside

Contributor

916

Zero-downtime migration/upgrade to new hardware (ClusterXL Active/Standby)

916

inside

MVP Gold

4277

'fw ctl conntab -x' issue in R81.10

4277

Solved

inside

Advisor

1354

How to view the connections of the dynamic dispatcher's table

1354

Solved

inside

Collaborator

357

Check Point Management Server - insufficient space in the /opt/cpdabackup/backup directory.

357

inside

Explorer

1510

Remote Access Location Awareness - DC Check

802

inside

Participant

355

A suspicious traffic log was observed during monitoring

355

inside

Admin

6331

Inside the SharePoint Zero-Day (CVE-2025-53770): What It Means and How to Stay Protected - Materials

6331

inside

Explorer

184

I need Check_Point_R81.20_T631_ScalablePlatform

401

inside

Participant

2831

Questions about User Mode and Kernel Mode

2831

inside

Explorer

536

Cannot start Mobile Access Portal Agent

536

inside

Advisor

315

Openserver Dell R660xs, anyone ever tried this machine?

315

inside

Explorer

697

SharePoint Zero-Day CVE-2025-53770 Actively Exploited - Take actions!

1392

Solved

inside

Collaborator

28103

Unable to establish the SIC(Outgoing Policy)

262

inside

Employee

892

Be Your Own TAC Part Deux EMEA: Advanced Gateway Troubleshooting Commands, Video and Slides

6203

inside

Admin

2775

Be Your Own TAC Part Deux Americas: Advanced Gateway Troubleshooting Commands, Video and Slides

2775

inside

MVP Gold

336

RA clients not able to access external cluster interface

336

inside

Explorer

339

Microsegmentation with Firewall Hardware

339

inside

Explorer

296

the new subnets are unable to communicate through the existing VPN tunnel

296

inside

Participant

480

SMS migration from XCP-NG to ProxMox

480

inside

Advisor

4338

Take logging out of the implied rules

807

inside

MVP Gold

1565

SmartConsole Shortcuts - cheat sheet

1565

inside

Explorer

487

I can't find how my dns host is used within the FW object.

487

inside

Explorer

4001

Checkpoint Gateway sending DNS requests to DNS server for malicious URLs

4001

Solved

inside

Explorer

522

BGP route on Maestro Active/Active are showing as inactive/unusable

522

inside

Employee

269

Introducing Managed SmartAwareness: Cyber Training, Fully Guided by Experts

269

Solved

inside

Contributor

747

LOM interface - Console Session

747

Solved

inside

Collaborator

722

Reducing /var/log partition size on Gaia OS

722

Solved

inside

Collaborator

12901

https inspection tip/feedback/suggestion

621

inside

Explorer

351

Disable Camelia Cipher on the firewall

351

inside

Collaborator

429

always-connect for standalone vpn client

429

Solved

inside

Collaborator

1178

Policy Installation Failed(Time out)-SMB Appliance

1178

Solved

inside

Admin

2978

New Products Introduction July 2025: Video, Slides, and Q&A

2978

Solved

inside

Advisor

476

Export all gateways IPs MDS + VSX

476

inside

Collaborator

702

Unable to access Site(CPNotEnoughDataForRuleMatch)

702

inside

Employee

331

Big News: Check Point Services Now Live on AWS Marketplace - Let’s Get the Word Out!

331

Solved

inside

Advisor

2306

Clarification Needed on fwaccel stat

2306

Solved

inside

Explorer

395

How to renew GAIA web certificate.

395

Solved

inside

Advisor

895

Deleting a Checkpoint host object from smart console

348

Solved

inside

Contributor

718

Netflow Export with Physical Ip in cluster environment

167

Solved

inside

Advisor

493

Moving a Gateway from One CMA to Another

493

inside

Explorer

225

Logs not showing up in SmartConsole after policy install

225

inside

Collaborator

2327

VIP IP Change Not Reflected in PDP/PEP Still Shows Old IP

185

inside

Admin

358

From OT to Cloud: A Security Blueprint for Manufacturers - Americas - Recording + Slides

358

inside

Collaborator

256

synchronize Identity sharing between the active and passive node

256

Solved

inside

MVP Gold

35903

Threat Prevention Policy fails to install to one security gateway only (Failed to handle indicators)

240

Solved

inside

Advisor

361

Request for Advice – Changing Management Interface and Default Gateway Without Connectivity Loss

361

Solved

inside

Employee Alumnus

3370

What is the difference between Custom Intelligence feed and Network Feeds ?

3370

inside

Explorer

462

Static Hide Behind Gateway NAT

1052

inside

Admin

278

From OT to Cloud: A Security Blueprint for Manufacturers EMEA - Recording

278

inside

Employee

8035

New 3900 Branch office applainces were launched today 28/5

8035

Solved

inside

Contributor

273

telnet showing open port on ILO when its not when going via FW

273

inside

Explorer

577

Allow rule for site hosted on akamai CDN, only the first dns response seems to work

577

Solved

inside

Explorer

447

Identity Awareness Agents SK with direct links - published!

17897

inside

Advisor

307

Fresh Install Without USB, Possible From Boot Menu?

307

Solved

inside

Advisor

416

simple question about ISOmorphic

416

inside

Advisor

198

IPSec tunnel Setup [HUB and SPOKE Scenario] with Both spokes being non-checkpoint VPN Gateway

683

Solved

inside

Advisor

185

At a gateway, how do I determine what domain the gateway belongs to?

698

inside

Advisor

730

Policy location on a gateway R80

7742

Solved

inside

MVP Silver

244

GMSA/automated password rotation for Identity

244

inside

Collaborator

8023

Identity awareness collector changes user identity for same IP while connecting to RDP

8023

inside

Explorer

211

SNMP Issue after JHF 99 R81.20 VSX cluster

211

Solved

inside

MVP Gold

2742

Upgrade is failing from R81.10 to R82

2742

inside

Participant

4402

exclude checkpoint public/external ip from encryption domain?

4402

inside

Collaborator

849

Clarification on DNS Reputation Logs

849

inside

Employee

1395

Quantum Force performance boost is available post the release of R82 Jumbo #3 ( Take 25)

1395

inside

Advisor

633

Cluster Falover after every change on pbr, routing, ospf,...

8920

inside

Explorer

700

Capsule VPN mobile users can't connect

700

inside

Champion

45615

Can I directly search through solr indices using curl like elasticserch?

262

Solved

inside

Contributor

1076

lowering mtu on remote access vpn?

1076

Solved

inside

Contributor

760

CP21800 (R80.40 Jumbo T211) - reply not from Cluster IP

760

inside

Advisor

632

Is It Safe to Change SecureXL on a Cluster?

632

inside

Employee

305

Meet Your New Assistant: Infinity AI Copilot - video and materials

8279

inside

Collaborator

520

portal certificate can not upload file

520

Solved

inside

Collaborator

6506

BSI Common Criteria EAL4+ R82 Version + Jumbo Hotfix

466

inside

Employee

305

Security Engineer Eyes Only - Behind the Miercom Results

305

Solved

inside

Explorer

2249

Firewall-Blades Order of Operation

2249

inside

Participant

605

Hack Like a Pro: Break Into a Server Using the Kill Chain - Americas Recording

218

inside

Admin

269

Hack Like a Pro: Break Into a Server Using the Kill Chain - EMEA recording

269

inside

MVP Silver

507

Thales Mandatory Security Update - STA RADIUS Server to Enforce Message-Authenticator by July 31, 20

507

inside

Employee

1289

Upgrading Gateway to R82 while MDS on R81.20

546

inside

MVP Silver

1015

Trellix application not available in App objects

1384

Solved

inside

Explorer

1347

Upgrading Gateway 9100 to R82 via blink package

1347

Solved

inside

MVP Gold

401

Any idea when https inspection policy rules hit count will be available?

401

inside

Admin

1217

CPX 2025 Recap with Surprise Guest Veriti: Video and Slides

1217

inside

Advisor

3563

Traffic dropped only in clean-up rule??

3563

Solved

inside

Employee

17819

Tip of the week: Support Center's Upgrade Wizard

17819

Solved

inside

Collaborator

1927

route based VPN requires VPN domain

1927

inside

Explorer

478

Security Group name dinamec change

478

Solved

inside

Collaborator

1640

VPN gateway random UDP traffic to CP peers?

6110

Solved

inside

Advisor

12617

how to disable SecureXL for specific src to specific dst

12617

No messages.

General Topics

This space is for general questions about Check Point products and services that aren't specific to a product or service. Questions related to a specific product should be asked in the space relevant to that product.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

User

Count

Upcoming Events

Sort by:

In-Person

Mon 27 Oct 2025 @ 09:00 AM (PDT)

Los Angeles, CA: Hands-on CloudGuard Workshops

Virtual

Tue 28 Oct 2025 @ 11:00 AM (EDT)

Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - Overview

Virtual

Tue 28 Oct 2025 @ 12:30 PM (EDT)

Check Point & AWS Virtual Immersion Day: Web App Protection

Virtual

Wed 29 Oct 2025 @ 03:00 PM (CET)

EMEA Deep Dive: Maestro Best Practices

In-Person

Wed 29 Oct 2025 @ 09:00 AM (PDT)

San Francisco, CA: Hands-On CloudGuard Workshops

Virtual

Wed 29 Oct 2025 @ 03:00 PM (EDT)

Americas Deep Dive: Maestro Best Practices

Virtual

Tue 28 Oct 2025 @ 11:00 AM (EDT)

Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - Overview

Virtual

Tue 28 Oct 2025 @ 12:30 PM (EDT)

Check Point & AWS Virtual Immersion Day: Web App Protection

Virtual

Wed 29 Oct 2025 @ 03:00 PM (CET)

EMEA Deep Dive: Maestro Best Practices

Virtual

Wed 29 Oct 2025 @ 03:00 PM (EDT)

Americas Deep Dive: Maestro Best Practices

Virtual

Thu 30 Oct 2025 @ 03:00 PM (CET)

Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEA

Virtual

Thu 30 Oct 2025 @ 11:00 AM (EDT)

Tips and Tricks 2025 #15: Become a Threat Exposure Management Power User!

In-Person

Mon 27 Oct 2025 @ 09:00 AM (PDT)

Los Angeles, CA: Hands-on CloudGuard Workshops

In-Person

Wed 29 Oct 2025 @ 09:00 AM (PDT)

San Francisco, CA: Hands-On CloudGuard Workshops

In-Person

Mon 03 Nov 2025 @ 09:00 AM (GMT)

Dublin, Ireland: Hands-On CloudGuard Workshops

In-Person

Tue 04 Nov 2025 @ 09:00 AM (EST)

Cincinnati, OH: Check Point & WIZ Cloud Workshops

In-Person

Tue 04 Nov 2025 @ 09:00 AM (CST)

San Antonio, TX: Hands-On CloudGuard Workshops

In-Person

Wed 05 Nov 2025 @ 09:00 AM (GMT)

London, UK: Hands-On CloudGuard Workshops

CheckMates Events

Are you a member of CheckMates?