General Topics

Keep Your Networking Peers Happy
With Secure SD-WAN

Watch Now

Infinity Events Improvements
Help us with the Short-Term Roadmap

Take the Survey

Secure the GenAI Revolution!
The All-New GenAI Security from Check Point

Watch Now

CheckMates Toolbox Contest 2024
Make Your Submission for a Chance to WIN up to $300 Gift Card!

LEARN MORE!

CheckMates Go:
Harmony Endpoint -- What's New and Deployment

LISTEN NOW

Create a Post

RECENT POSTS

MOST POPULAR

FEATURED POSTS

Solved

inside

Contributor

21999

Gateway Cluster Hardware Upgrade

21899

Solved

inside

Collaborator

21700

ICMP reply does not match a previous request

21700

Solved

inside

Participant

21699

FW-1: [cul_load_freeze][CUL - Cluster] CUL should be OFF...

21699

Solved

inside

Contributor

21599

Stealth rule vs Management Rule

21499

Solved

inside

Participant

21400

Check Point issues even they can’t resolve!

21400

inside

Champion

21000

HTTPS inspection with trusted certificate

20199

inside

Participant

20199

Get all the Gaia version and installed jumb hotfix

20199

inside

Participant

19899

Monitoring standby member in a cluster

19899

Solved

inside

Advisor

19898

R81 - SNMP does not support SHA1 anymore

19898

inside

Champion

19699

logical interface as next hop for routes on cluster members that DO NOT use VIPs in different subnet

19699

inside

Participant

19600

Best practise - How often do you patch/upgrade your gateways?

19599

inside

Participant

19501

How can I find Throughput statistics?

19501

inside

Contributor

19500

Dedicated routing table of Mgmt Port Require In checkpoint which is not available in present device

19499

inside

Collaborator

19399

How to get interface status of particular time slot

19399

inside

Contributor

19399

R80.10 gateway, can't set sim_clamp_vpn_mss

19399

inside

Participant

19236

Domain Object when FQDN has multiple DNS results

19236

inside

Contributor

19199

how to check VPN phase 1 and phase 2 status?

18899

inside

Admin

18799

R77.30 Take 286: New Jumbo Hotfix GA Release

18799

Solved

inside

Contributor

18699

Can't access SmartConsole ("Unable to connect to server") but can access WebUI...

18699

inside

Explorer

18600

Policy Based Routing and default route / features

18600

inside

Champion

18501

Check Point Site-to-Site VPN Compatibility Matrix

18501

inside

Explorer

18500

Problem IP Sec VPN Checkpoint > Juniper no response from peer. IKE failuret

18500

inside

Participant

18399

Pulling FW data fron MDS using a script.

18399

inside

Explorer

18299

Checkpoint 5600 - Alternative Virtual Appliance options for on premise deployment?

18299

Solved

inside

Advisor

18299

Most URLs categorized as X-VPN this morning

18299

inside

Admin

18199

All Products and Where To Post About Them

18199

Solved

inside

Collaborator

18099

How to handle core-dumps and crash dumps

18000

inside

Champion

17999

HP Server DL360/380 G9 reboot issue!

17999

Solved

inside

Participant

17899

What's different meaning of Redirect, Detect, Drop, Block and Prevent?

17899

inside

Champion

17799

Check Point Support Resources - Top 10

17799

inside

Employee

17799

New documentation format for Jumbo SK

17799

inside

Admin

17799

TechTalk Special Edition: The Apache log4j Vulnerability Explained

17799

inside

Champion

17600

Update R80.20+ Security Gateway Architecture (Logical Packet Flow)

17600

inside

Participant

17400

Site-to-site vpn Tunnel to a non Checkpoint Gateway

17400

inside

Collaborator

17399

Gaia Portal shows blank page after log in with Firefox 5x or Chrome 66 - Fixed in sk121373

17399

inside

Collaborator

17299

Aruba Clear Pass Integration - API

17299

inside

Contributor

17199

Which version is better? R80.10 or R77.30

16999

inside

Contributor

16999

Discovering changes in topology table

16999

inside

Champion

16900

R80.40 - Dynamic split of CoreXL

16900

inside

Advisor

16900

Outbound SSL Inspection: A war story

16900

Solved

inside

Participant

16799

How to show the active connection to a specific host

16799

Solved

inside

Advisor

16702

How to see what firewall rules match some traffic

16702

Solved

inside

Contributor

16700

Finding root cause for all the F2F traffic

16700

inside

Legend

16700

"Max Power" Book Second Edition Released!

16700

inside

Contributor

16699

How can I setup a primary and backup S2S VPN tunnels

16699

Solved

inside

Contributor

16599

How to list arp table and identify network devices with mac under Check Point FWs

16599

inside

Participant

16500

CheckPoint redirect to IP address 62.0.58.94

16500

Solved

inside

Advisor

16399

Disable NAT on SIP payload - breaks ICE

16399

inside

Advisor

16399

Let's create Check Point Super Cheat Sheet

16399

inside

Explorer

16399

Domain object is not working in R80.10 properly

16399

Solved

inside

Contributor

16300

static NAT vs hide behind an IP

16299

inside

Admin

16299

R80.30 Early Availability Program is started!

16299

inside

Advisor

16203

Activating Identity Awareness to Intergrate AD

16203

Solved

inside

Contributor

16199

Custom URL matching with HTTPS categorization

16199

Solved

inside

Champion

16100

R80.20 Issue : Monitoring standby cluster members via VPN

16100

inside

Explorer

16100

What is route and how to configure route?

16100

inside

Employee

16100

R80.40 IPSEC VPN shows stuck at Phase I but is fully operational

16099

Solved

inside

Explorer

16000

Check Point Clustering between two Datacenters

15999

inside

Admin

15903

Security Gateway Performance Optimization Excerpt

15903

inside

Admin

15886

R80.30 Technical Update TechTalk

15886

inside

Collaborator

15800

Check Point Deployment Shell internal error

15800

inside

Advisor

15800

Do any Checkpoint appliances offer SSL offload?

15800

inside

Champion

15799

Check Point Support Tools - Top 10

15799

inside

Advisor

15799

Unable to open URL Categorization link

15799

inside

Admin

15799

Website to check latest IPS update version number

15799

inside

Explorer

15700

Packets from IPSec tunnel were dropped. It seems there is an issue on the coreXL connections table

15700

inside

Participant

15699

Types of NAT used in checkpoint firewall

15699

inside

Participant

15699

Can you explain the impact of using fwstop and cpstop ?

15699

inside

Participant

15698

Both security gateways are active in the Full HA cluster

15698

inside

Advisor

15499

Stateful Inspection on Gateways

15499

Solved

inside

Champion

15499

Gateway behind NAT. What limitations am I to be aware of?

15499

inside

Champion

15499

Open Server - HCL for multi queue network cards

15499

inside

Authority

15399

Performance of a single connection ?

15399

inside

Explorer

15299

Delete a specific connection entry in Checkpoint Gateway

15299

Solved

inside

Advisor

15199

Hide NAT: Simultaneous Connections to the same destination

15199

inside

Advisor

15199

LDAP Authentication failed in SSL VPN

15199

inside

Explorer

15198

ISP Redundancy (load sharing) issue in R80.10

15198

inside

Explorer

15197

Verify Enabled Cipher Suites in HTTPS Inspection

15197

inside

Advisor

15099

Showing logs "Missing OS Route" when place new CP Appliance (Suspect ARP issue)

15099

inside

Advisor

15000

Remote Access VPN in a Load-sharing Cluster Environment

15000

inside

Participant

14999

IPSec Tunnel Failing to establish

14999

inside

Participant

14999

How to check ThreatCloud URL Reputation?

14900

inside

Participant

14899

Combine VLAN and physical interface, which already has an assigned IP

14899

inside

Champion

14898

Identity Awareness getting DC Name only

14898

inside

Explorer

14800

Creating multiple VPN site to site connections on CheckPoint

14800

inside

Collaborator

14799

Request for VSX training Videos R80.10 or R77.X

14799

Solved

inside

Champion

14798

Increasing Fifo Buffers on Firewall Interface

14699

inside

Explorer

14699

Identity Awareness Agents SK with direct links - published!

14500

inside

Contributor

14499

NAT Exhaustion - Hide NAT failures

14299

inside

Champion

14200

Configuring dynamic routing in clustered VSX

14200

inside

Participant

14199

Untrusted TLS/SSL server X.509 certificate

14199

inside

Collaborator

14199

Report show spam category with "accept" actions but not blocking

14199

inside

Collaborator

14199

ISP Redundancy & Policy Based Routing

14199

inside

Collaborator

14099

SecureXL R80.20 - Issue on ALL High TCP Ports

14099

inside

Advisor

14099

What does high si mean on a FW Worker core?

14099

inside

Advisor

14000

R80.20 strange behaviour - random TCP session timeout values - fw ctl conntab

13999

inside

Participant

13999

Application database update failed

13999

inside

Contributor

13999

Microsoft Activation negatively impacted by HTTPS Inspection

13999

inside

Explorer

13899

Site-to-Site VPN connection issue with CISCO ASA

13899

inside

Advisor

13899

Https inspection Validation error

13899

Solved

inside

Participant

13897

Encryption domain mismatch even though its set it up correctly

13799

Solved

inside

Employee Alumnus

13700

Share your feedback for your chance to WIN new Apple AirPods Pro!

13700

inside

Collaborator

13700

Permit ICMP request only in several networks

13700

inside

Contributor

13699

How to create QoS rule to limit bandwith per user

13402

Solved

inside

Advisor

13399

CheckPoint TLS 1.3 support: When?

13399

Solved

inside

Contributor

13399

Tunnel mode VPN and Transport mode VPN

13300

inside

Explorer

13299

can I export the list of web application categories

13299

Solved

inside

Explorer

13299

How to check telnet is enable or not.

13299

inside

Contributor

13299

R80.10 - VPND process utilizes a large amount of CPU

13299

Solved

inside

Participant

13299

Getting error “dropped by fwpslglue_chain Reason: PSL Drop: internal - streaming;"

13201

inside

Contributor

13199

Setting Up Site-to-Site VPN to 3rd Party Gateway

13199

inside

Advisor

13199

Application Control can not catch Opera web browser VPN

13199

inside

Employee

13196

User-Space firewall support for R80.30 3.10 and above

13196

inside

Participant

436

There are no log servers available, Check your log server configuration

436

inside

Contributor

385

Failed to update Internal CA Database

385

Solved

inside

Contributor

761

How can we integrate two policy packages?

255

inside

Participant

209

AD Query does not work with the new domain controller.

209

inside

Advisor

391

sk171052 - Mistakes in https links

301

inside

Explorer

164

Admin password on open server recovery

164

inside

Participant

237

Change OSPF RouterID without remove config . Available options.

237

inside

Explorer

156

Get a chance to influence Check Point Operational Technology roadmap!

1630

Solved

inside

Collaborator

245

About the IP addresses of corporate cluster members

245

Solved

inside

Collaborator

508

Blocking READ.AI for All Users and Devices

508

inside

Admin

1089

Replacing RSS in SupportCenter

1089

Solved

inside

Advisor

2315

Request Standard Process to add a new 6400 cluster member to MDS

301

inside

Advisor

321

Need Confirmation on Correct IOC CSV Format for Threat Prevention Policy

321

inside

Explorer

320

Query about threat prevention updates with eval license.

320

inside

Participant

277

OSPF doesnt start after upgrade to R81.20

277

Solved

inside

Advisor

306

cp_log_export - src/dst ip object name

306

inside

Advisor

903

Problem with access to WebService

903

inside

Contributor

386

Changing the password - the old and the new one work

596

Solved

inside

Advisor

6212

Is Check Point Gaia vulnerable towards this new cve-2024-6387 in OpenSSH?

6212

inside

Advisor

427

Custom IOC Feed Validations - CSV (R81.10 verse R8.120)

427

inside

Advisor

366

SmartConsole enhance visibility

366

inside

Explorer

669

Migrating Checkpoint Management Server from Hyper-V to AHV

669

inside

Participant

181

Cluster XL - High Availability for two checkpoint Appliances in different buildings

181

inside

Explorer

458

In the Threat Prevention view from Check Point, the number of Prevented Attacks displayed varies.

458

inside

Advisor

186

open server and virtual vm licensing

186

Solved

inside

Contributor

836

R81.20 Take 70 - API readiness test failed

836

inside

Advisor

521

Switched from embedded to full Gaia OS GW, gateway object not updating "Topology" to "Network Mgmt"

365

Solved

inside

Explorer

223

Take 65 or Take 70 - Impossible to install on 5800 appliance R81.20

1888

Solved

inside

Employee

4233

R81.20 New Recommended Jumbo - Take #53

4233

Solved

inside

Explorer

42144

how to check licence of checkpoint?

42144

inside

Explorer

172

Connecting Remote Gateway to SMS

265

Solved

inside

Participant

411

Adding an entry to the connections table

421

inside

Explorer

374

License and Support Expired Behaviors

374

inside

Collaborator

5521

Route Internet Traffic to Site over VPN Tunnel

5521

Solved

inside

Contributor

340

Unblock local VPN users after Take 53

340

inside

Collaborator

2084

Identity awareness collector changes user identity for same IP while connecting to RDP

2084

inside

Contributor

203

sk174045:Wrong rule match on the first access to a URL or website

203

inside

Advisor

585

Disable weak Kex and Macs on R81.20

585

inside

Collaborator

505

How to install Python environment on Gaia OS

334

Solved

inside

Participant

960

Uploading External Certificate on Checkpoint Gateway

479

inside

Participant

604

CPD in Terminate status on Standalone

604

Solved

inside

Explorer

216

checkpoint publish session name is null

216

Solved

inside

Participant

1557

Failed to deccrypt CP Site Response...

3527

inside

Advisor

3880

Intermittent Connection after migration to Maestro

282

inside

Explorer

436

R82 - HealtCheck Point feaure in SmartConsole

2050

inside

Contributor

298

Maestro with VSX and VSLS enabled

298

inside

Advisor

1723

SecureKnowledge: Subscribe for updates of specific SKs

1723

Solved

inside

Explorer

578

Asterisk Usage in Creating Domain Object

578

inside

Advisor

386

Best Practice for Expired rule

386

inside

Mentor

431

Failed to get metadata for the package

1899

Solved

inside

Advisor

793

Does Multi-Domain Server always need to have higher hotfix version than the Firewall Gateway in it?

283

inside

Leader

248

Google will not trust Entrust certificates issued after October 31, 2024

248

Solved

inside

Participant

604

Do I need to install policy after each HOTFIX upgrade?

604

Solved

inside

Participant

484

Standard Hotfix update process

484

inside

Advisor

363

R81.20 JHF65 | Firewall Initiated Traffic Now Considered In VPN Domain

363

Solved

inside

Explorer

8644

SPLAT R75.40 - disable TCP / ICMP timestamp

8644

Solved

inside

Advisor

244

Custom Intelligence Feed Exceptions Not Working

7287

Solved

inside

Contributor

629

Export Policy name: Standard of the gateway

629

Solved

inside

Advisor

360

Multiple ClusterXLs on the same subnet

360

Solved

inside

Collaborator

1836

Clarification on sk110096 / Trunk connections with Cisco devices

1836

inside

Contributor

783

Questions about CPUSE on Maestro VSX

783

inside

Admin

1926

Hunting Malware Using Memory Forensics TechTalk June 2024: Video and Slides

1926

inside

Advisor

400

don't display gw infomation on SMC

185

inside

Employee

284

R81.10 Jumbo Hotfix Accumulator take #152 has been released today

284

inside

Collaborator

618

How to add new Qumatum gateway on running smart-1 appliance

618

Solved

inside

Contributor

777

Do I need to create manually Site-Site tunnels with firewalls before SDWAN

368

Solved

inside

Contributor

374

HCP reports no objects available for SIC communication

374

Solved

inside

Explorer

896

Smart1-Cloud - SmartView and SmartEvent

896

inside

Explorer

445

no kex alg error while file transfer via SCP

445

inside

Contributor

205

Rx/Tx Laser power monitoring via SNMP

205

Solved

inside

Admin

58481

334

Important security update - stay protected against VPN Information Disclosure (CVE-2024-24919)

58481

334

inside

Explorer

1383

Cluster XL Secondary Gateway Cannot Access to the Internet or Gateway

1383

Solved

inside

Advisor

380

New R81.20 Log Server with error in SmartConsole (fixed with sk129632)

380

inside

Explorer

628

Source (hide behind) NAT non gateway IP and multiple ISPs

628

inside

Collaborator

174

up_rulebase_execute_match messages in /var/log/message

174

Solved

inside

Contributor

7338

Blink and Major Version not on the CPUSE except JHF Take 130

1007

Solved

inside

Contributor

731

Assistance Required: Coverage for 453 CVEs on Check Point Firewall

607

inside

Collaborator

317

IPSec between R81.20 VS gateway and MS Azure gateway

317

inside

Participant

166

No SFTP any longer only Aspera in Service Requests

166

inside

Contributor

289

sk180923 - How to migrate a policy package between Security Management servers

289

inside

Collaborator

523

Migrate Two Clusters to One Question

523

Solved

inside

Contributor

377

blink clean install on virtual gateways

377

Solved

inside

Advisor

936

Remote access community participating group using Azure saml authentication

936

inside

Contributor

627

No module named 'cpapi' - Export policy

627

inside

Advisor

970

URL Filtering Categories site is not up to date

970

inside

Explorer

205

JHF SMS, Log Server and Dedicated Smart Event

547

Solved

inside

Explorer

581

What is meant by Checkpoint Default Protection?

581

Solved

inside

Collaborator

1988

how to explain the following ?

1988

Solved

inside

Participant

807

Installing BYOL on Checkpoint Cloudguard

1277

inside

Explorer

2866

Suspecting Checkpoint Smart Console forward duplicate log to SIEM

2866

inside

Explorer

210

Object Extraction within an Ip range

210

inside

Collaborator

202

User Center Account and Company Change

202

inside

Contributor

792

Publishing an Internet service accessible through a site-to-site VPN

792

inside

Explorer

473

Exporting policy with hit counts crashes Smart Console and doesn't save CSV file.

473

inside

Champion

7316

ONELINER - Check CVE-2024-24919 Vulnerability

7316

inside

Champion

864

ONELINER - Password Bulk Operation (CVE-2024-24919)

864

Solved

inside

Explorer

2518

Checkpoint 4200 HA (stacked) vR77.20 is bricked with SIC issues after Gaia HOTFIX_R77_20

2518

inside

Explorer

216

Access to WEB services through two independent providers. MultiWAN DNAT

216

Solved

inside

Explorer

522

SIC option not showing in Gateway R81.20 version

522

Solved

inside

Explorer

626

How to do Bulk uploads of IOC IP's and URL's files in Checkpoint firewall

626

Solved

inside

Participant

515

How to disable NAT from VIP to Gateway when trying to ping GW?

515

inside

Employee

3417

Notes on Script to Identify vulnerable Security Gateways for CVE-2024-24919

3417

inside

Explorer

1809

Full HA cluster with MGMT sync not working

1809

inside

Champion

675

Feature Request Firewall + WAF (would have been protected against CVE-2024-24919)

675

Solved

inside

Explorer

539

What does the "take" number signify?

539

Solved

inside

Explorer

888

When does CPEarlyDrop occur with ACCPET action ?

850

Solved

inside

Collaborator

3460

80.40->81.20 Minimum Downtime Upgrade via Smart Console

3460

inside

Advisor

1293

AV and ABOT showing Different results in CLI and Smart console (Audit Point)

524

Solved

inside

Collaborator

778

Checkpoint FW R81 don't block SYN FLOOD

778

inside

Collaborator

3135

New VPN daemons in R81.10 / R81.20

5273

Solved

inside

Contributor

2020

IPS signature for CVE-2024-24919 not preventing

2020

Solved

inside

Participant

716

Configuration in XML file format

716

Solved

inside

Advisor

943

Recon User for CyberArk Password Rotation

943

inside

Contributor

1411

CheckPoint 15400 Gateway - R81.20

1411

inside

Champion

2363

Patch Installation Example (CVE-2024-24919)

2363

inside

Explorer

334

Traceroute shows Checkpoint VS Gateway as multiple hops

334

inside

Participant

427

Quantum Spark 1800 Load Balancing Option not Showing Up

427

No messages.

General Topics

This space is for general questions about Check Point products and services that aren't specific to a product or service. Questions related to a specific product should be asked in the space relevant to that product.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

User

Count

Upcoming Events

Sort by:

In-Person

Tue 01 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live Salzburg - Maintenance and Upgrade Best Practices

Virtual

Tue 01 Oct 2024 @ 03:00 PM (CEST)

Mastering Cyber Compliance: From Regulation to Legislation

In-Person

Wed 02 Oct 2024 @ 09:00 AM (CEST)

CheckMates Live France - Harmony Workshop

Virtual

Thu 03 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live BeLux: How to stay compliant with NIS-2 and DORA with Compliance Management Solution

In-Person

Thu 03 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live Vienna - Identity Awareness Best Practices and Harmony Sase Updates

Virtual

Tue 08 Oct 2024 @ 03:00 PM (AEDT)

No Suits, No Ties: Vulnerabilities and workarounds, a story of compromise (APAC)

Virtual

Tue 01 Oct 2024 @ 03:00 PM (CEST)

Mastering Cyber Compliance: From Regulation to Legislation

Virtual

Thu 03 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live BeLux: How to stay compliant with NIS-2 and DORA with Compliance Management Solution

Virtual

Tue 08 Oct 2024 @ 03:00 PM (AEDT)

No Suits, No Ties: Vulnerabilities and workarounds, a story of compromise (APAC)

Virtual

Tue 08 Oct 2024 @ 10:00 AM (CEST)

No Suits, No Ties: Vulnerabilities and workarounds, a story of compromise (EMEA)

Virtual

Tue 08 Oct 2024 @ 11:00 AM (EDT)

No Suits, No Ties: Vulnerabilities and workarounds, a story of compromise (Americas)

Virtual

Wed 09 Oct 2024 @ 05:00 PM (CEST)

TechTalk: The New Quantum DDoS Protector Integration with PlayBlocks

In-Person

Tue 01 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live Salzburg - Maintenance and Upgrade Best Practices

In-Person

Wed 02 Oct 2024 @ 09:00 AM (CEST)

CheckMates Live France - Harmony Workshop

In-Person

Thu 03 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live Vienna - Identity Awareness Best Practices and Harmony Sase Updates

In-Person

Tue 15 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live Zurich - What's new in R82!

In-Person

Thu 17 Oct 2024 @ 10:00 AM (CEST)

CheckMates Live Geneva - What's New is R82!

In-Person

Tue 05 Nov 2024 @ 09:00 AM (CET)

CheckMates Live France - R82 Workshop!

CheckMates Events

Are you a member of CheckMates?