cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
General Topics

Have a question and you can't figure out where to post about it after reading All Products and Where to Post About Them? Post it here!

Lillie_Miller
inside General Topics 5 hours ago
views 2599 4 8
Admin

Share your feedback for your chance to WIN new Apple AirPods Pro!

As a valued Check Point customer, your opinion matters to us greatly - and to your peers too! We invite you to review your Check Point Next Generation Firewall experience on Gartner Peer Insights. Watch this short video on how to submit a review. Reviews take approximately 10 minutes to submit and are anonymous. When your review is approved by Gartner, we’ll send you a $25 Amazon gift card and enter you into a raffle to win new Apple AirPods Pro!   What do I need to do?  Click here to submit your review on Check Point Next Generation Firewall Following your submission, you will receive 2 emails from Gartner: “Thank you for your review” "Thank you, your review has been approved!" Send the second email to customer_reference_program@checkpoint.com Redeem your $25 Amazon Gift Card & enter the raffle to win new Apple AirPods Pro!   What is Gartner Peer Insights? Peer Insights is an online platform of ratings and reviews of IT software and services. The reviews are written and read by IT professionals and technology decision-makers like you. The goal is to help IT leaders make more insightful purchasing decisions and help technology providers improve their products by receiving objective, unbiased feedback from their customers. Reviews take approximately 10 minutes to complete and are completely anonymous.   If you have any questions about Gartner Peer Insights, please email us at checkmates@checkpoint.com we are happy to answer any questions you have.   Thank you for your support!!
PhoneBoy
inside General Topics 6 hours ago
views 37
Admin

The R80.x Adoption Experience by the Numbers TechTalk: Q&A, Video, and Slides

How widely has Check Point R80.x been adopted? What was the path people took? What was the experience? With the help with @Jim_MacLeod and our friends from Indeni, we'll answer these questions in this TechTalk! Content available to CheckMates members: Slides Full Video Selected Q&A will be posted in the comments.Excerpt from the session below: (view in My Videos)  
kobilevi
kobilevi inside General Topics 7 hours ago
views 111 3

smartconsole 80.30 is crashing

helloi install the last version of smartconsole on my computer, my gaia server is installed on vmwork stationafter the installation and compalte the wizard in the web interface the system will reboted and  comes on.. but i lost the connection to the server -the web interface still up, but i cannot ping to the server from my computer - smartconsole is too dont work ping to my computer from the server is fine.. someone know what is the problem?   
Kaspars_Zibarts
Kaspars_Zibarts inside General Topics 7 hours ago
views 75 4 1

Calculate MQ cores when upgrading

Here's "Tims's" question 🙂 @Timothy_Hall  Trying to work out number of MQ cores for my upgrade from 41k to 26k (VSX but that's not the point) 41k processors are technically twice slower according to publicly available benchmarks (Xeon Gold 6254 CPU @ 3.10GHz vs Xeon CPU E5-2658 v2 @ 2.40GHz) Current 41k chassis runs 36Gbps accross 4 SGMs, so 9Gbps per SGM.  Each SGM is set up with 8 HT cores for MQ and it runs at 50% CPU / 9Gbps. FWK cores average 25% atm. Allocating 4 x 8 = 32 cores on the new 26k seems excessive, especially considering that actual CPU HW is much faster.   Having 72 HT cores in total I thought doing 24 (1/3) for MQ / SND and rest 48 for CoreXL. I need to leave room for growth of course. Note that most traffic currently is accelerated (>85%) Any thoughts on this? 🙂  
Niklas_Davidsso
Niklas_Davidsso inside General Topics 7 hours ago
views 67 10 1

MAC Address 0000.0000.0101 and 0000.0000.0100

Hey!  So i have a problem, i have 7ish ClusterXL sites.  and when i try to preform a migration on my ISP they get a loop from my Firewalls.after i tracked it i see this problem on every ClusterXL site. They all have the same MAC Address  Site X 0000.0000.0100 dynamic ip,ipx,assigned,other TenGigabitEthernet2/1/4 0000.0000.0101 dynamic ip,ipx,assigned,other TenGigabitEthernet1/1/4 Site Y0000.0000.0100 DYNAMIC Gi0/200000.0000.0101 DYNAMIC Gi0/43 Anyone knows how to disabel this fake address ?  
Tenou
Tenou inside General Topics 13 hours ago
views 39 1

Swapping CPU of P-210/12200

Hey there,I know this is quite an unusual and most likely undesirable question, but I'm thinking about bying two used P-210 (also known as 12200) and transforming them into pfsense appliances. Only problem is, that they don't have AES-NI. So naturally, I thought about just swapping the i5-750 they come with out against an i5-680. They don't have any guarantee, support contract, licenses whatsoever. So I don't care about any of that.Are there any hardware/firmware restrictions that'd prevent the appliance from functioning normally afterwards? Or is it just plug'n'play?Thanks in advance!
FXE
FXE inside General Topics 14 hours ago
views 47 1

Difference of Identity Awareness and User Directory

Hi Guys,I've used already the IA blade before but recently I noticed there is also User Directory option and it seems to be the same way as IA does. May I know what is the difference between the two and which one is better to use?Thanks
Kaspars_Zibarts
Kaspars_Zibarts inside General Topics 14 hours ago
views 541 3 1

CP rejecting all my emails as spam today

This is number 4 ... all to different users and different content<support@checkpoint.com>: host 127.0.0.1[127.0.0.1] said: 554 Spam email. Email    Session ID: {5C57D034-0-80261DC2-428D} (in reply to end of DATA command)anyone else or just me
Czar
Czar inside General Topics yesterday
views 78 3 1

Check Point for Beginners - Part 2 - Preparing the Lab

Thank you Val Loukine (and other admins) for his page CP4B. Really helpful.I am new to Check Point. I changed company and will have to use this technology. In the past I used Cisco, Palo Alto, PfSense. In Part 2 the lab is discussed. I think I might be short in resources to make the lab :-(. I have a mini desktop with Intel(R) Core(TM) i5-8500T CPU @ 2.10GHz, 2112 MHz, 6 core('s) and 12GB ram. I don't have access to a nice ESXI environment with lots of ram and storage. Has someone else experience with a setup like mine using VMware Workstation and only 12GB of ram? Also I try to figure out what the comment of Vladimir means at the end of the page. Should I use Virtual Box instead of VMware Workstation?Last question; I used GNS3 in the past for Cisco labs. Is this an even better option for a lab setup? 
Stefano_Chiesa
Stefano_Chiesa inside General Topics yesterday
views 114 5

HTTP ACCESS enbled by implied rule

Hello all.I noticed that HTTP access to each of nodes in a cluster is enabled by implied rules.Is there a way to disable it? Maybe locally because the customer have 5 clusters under the same Management and I would like to avoid global changes...Below the enabled blades and the log row.Thanks in advance.Regards.Stefano.
HUNT_LEE
HUNT_LEE inside General Topics yesterday
views 54 1

Please help!

Hi all,I have a spare laptop for testing (sitting on my desk).However, when i reviewed the checkpoint logs this morning, I saw there was another user that appeared on the "source username".Does this mean that user had logged in to my spare laptop? Or is it somehow a duplicate address clashed or something?CheersLee
Sukru_isik
Sukru_isik inside General Topics yesterday
views 1495 13 2

Https inspection Validation error

Hello  ,I have checkpoint with version R80.20.I have enabled https inspection and using Sophos endpoint agent.Agents are managed on cloud side. When we want to install agent , we are taking a log like below and  we couldnt install it. I have written exception url like "*.sophos.com" on inspection rules, but it is not working.(When I disable https inspection completely, the agents are installed succesfully.)How can I solve this problem?
Terry
Terry inside General Topics yesterday
views 268 10

SecureXL Accelerated path at 20% R77.30

I cannot find the reason that our CP firewalls only accelerate 20% of our traffic. We run VSX, CoreXL is enabled. I have reviewed the Max Power V2 guide for tuning. I'm at a loss. Any ideas? [Expert@PROD-B:10]# fwaccel statAccelerator Status : onAccept Templates : enabledDrop Templates : disabledNAT Templates : disabled by userAccelerator Features : Accounting, NAT, Cryptography, Routing,HasClock, Templates, Synchronous, IdleDetection,Sequencing, TcpStateDetect, AutoExpire,DelayedNotif, TcpStateDetectV2, CPLS, McastRouting,WireMode, DropTemplates, NatTemplates,Streaming, MultiFW, AntiSpoofing, Nac,ViolationStats, AsychronicNotif, ERDOS,NAT64, GTPAcceleration, SCTPAcceleration,McastRoutingV2Cryptography Features : Tunnel, UDPEncapsulation, MD5, SHA1, NULL,3DES, DES, CAST, CAST-40, AES-128, AES-256,ESP, LinkSelection, DynamicVPN, NatTraversal,EncRouting, AES-XCBC, SHA256[Expert@PROD-B:10]# fwaccel stats -sAccelerated conns/Total conns : 16327/71523 (22%)Delayed conns/(Accelerated conns + PXL conns) : 602/68790 (0%)Accelerated pkts/Total pkts : 63124135/190394161 (33%)F2Fed pkts/Total pkts : 20142622/190394161 (10%)PXL pkts/Total pkts : 107127404/190394161 (56%)QXL pkts/Total pkts : 0/190394161 (0%)[Expert@PROD-B:10]# grep -c ^processor /proc/cpuinfo && /sbin/cpuinfo6HyperThreading=disabled[Expert@PROD-B:10]# vsenv 0Context is set to Virtual Device PROD-B (ID 0).[Expert@PROD-B:0]# fw ctl affinity -l -rCPU 0: Sync MgmtCPU 1: eth1-04CPU 2:CPU 3:CPU 4:CPU 5:All:[Expert@PROD-B:10]# netstat -niKernel Interface tableIface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flgeth1-04.9 1500 0 23492538 0 0 0 20331997 0 0 0 BMRUeth1-04.86 1500 0 2087760167 0 0 0 3853436307 0 0 0 BMRUeth1-04.95 1500 0 196787791 0 0 0 85395544 0 0 0 BMRUeth1-04.803 1500 0 156942065 0 0 0 162015933 0 0 0 BMRUeth1-04.825 1500 0 16917067 0 0 0 12161382 0 0 0 BMRUlo10 16436 0 159309633 0 0 0 159309633 0 0 0 LRUwrp640 1500 0 38286940 0 0 0 6429621 0 0 0 BMRUwrp641 1600 0 11803588 0 0 0 42741043 0 0 0 BMRUwrp642 1500 0 10795355 0 0 0 4582615 0 0 0 BMRUwrp643 1500 0 16293750 0 0 0 21117665 0 0 0 BMRUwrp644 1500 0 7055301 0 0 0 2288196 0 0 0 BMRUwrp646 1500 0 5620843 0 0 0 2833859912 0 0 0 BMRUwrp648 1500 0 1776562 0 0 0 2254472498 0 0 0 BMRUwrp649 1500 0 7537011 0 0 0 4227601 0 0 0 BMRUwrp650 1500 0 6117743 0 0 0 826096629 0 0 0 BMRUwrp651 1500 0 7146004 0 0 0 3435033 0 0 0 BMRUwrp652 1500 0 7692419 0 0 0 14455124 0 0 0 BMRUwrp653 1500 0 7238752 0 0 0 3655612 0 0 0 BMRUwrp654 1500 0 26167255 0 0 0 456417780 0 0 0 BMRU[Expert@PROD-B:10]# fw ctl multik statID | Active | CPU | Connections | Peak----------------------------------------------0 | Yes | 2-5 | 25185 | 598891 | Yes | 2-5 | 15316 | 381492 | Yes | 2-5 | 15463 | 492103 | Yes | 2-5 | 17479 | 56844[Expert@PROD-B:10]# cpstat os -f multi_cpu -o 1 -c 5Processors load---------------------------------------------------------------------------------|CPU#|User Time(%)|System Time(%)|Idle Time(%)|Usage(%)|Run queue|Interrupts/sec|---------------------------------------------------------------------------------| 1| 8| 38| 54| 46| ?| 23016|| 2| 8| 37| 55| 45| ?| 23016|| 3| 20| 19| 61| 39| ?| 23016|| 4| 23| 17| 60| 40| ?| 23016|| 5| 20| 20| 60| 40| ?| 23016|| 6| 20| 20| 60| 40| ?| 23016|---------------------------------------------------------------------------------Processors load---------------------------------------------------------------------------------|CPU#|User Time(%)|System Time(%)|Idle Time(%)|Usage(%)|Run queue|Interrupts/sec|---------------------------------------------------------------------------------| 1| 8| 38| 54| 46| ?| 23016|| 2| 8| 37| 55| 45| ?| 23016|| 3| 20| 19| 61| 39| ?| 23016|| 4| 23| 17| 60| 40| ?| 23016|| 5| 20| 20| 60| 40| ?| 23016|| 6| 20| 20| 60| 40| ?| 23016|---------------------------------------------------------------------------------Processors load---------------------------------------------------------------------------------|CPU#|User Time(%)|System Time(%)|Idle Time(%)|Usage(%)|Run queue|Interrupts/sec|---------------------------------------------------------------------------------| 1| 10| 38| 53| 47| ?| 73050|| 2| 11| 41| 49| 51| ?| 73051|| 3| 20| 23| 56| 44| ?| 73052|| 4| 28| 23| 49| 51| ?| 73054|| 5| 18| 27| 56| 44| ?| 73054|| 6| 23| 25| 52| 48| ?| 146113|---------------------------------------------------------------------------------Processors load---------------------------------------------------------------------------------|CPU#|User Time(%)|System Time(%)|Idle Time(%)|Usage(%)|Run queue|Interrupts/sec|---------------------------------------------------------------------------------| 1| 10| 38| 53| 47| ?| 73050|| 2| 11| 41| 49| 51| ?| 73051|| 3| 20| 23| 56| 44| ?| 73052|| 4| 28| 23| 49| 51| ?| 73054|| 5| 18| 27| 56| 44| ?| 73054|| 6| 23| 25| 52| 48| ?| 146113|---------------------------------------------------------------------------------Processors load---------------------------------------------------------------------------------|CPU#|User Time(%)|System Time(%)|Idle Time(%)|Usage(%)|Run queue|Interrupts/sec|---------------------------------------------------------------------------------| 1| 7| 36| 57| 43| ?| 74892|| 2| 11| 41| 48| 52| ?| 74896|| 3| 24| 24| 53| 47| ?| 149796|| 4| 19| 22| 59| 41| ?| 149800|| 5| 22| 26| 53| 47| ?| 74901|| 6| 21| 28| 51| 49| ?| 74902|---------------------------------------------------------------------------------   
Yifat_Chen
inside General Topics yesterday
views 59 1
Employee++

SmartConsole R80.10 (GA Build #176) is now available (Replacing Build #161)

A new GA SmartConsole (Build #176) for R80.10 (Replacing Build #161)  is available. Please refer to sk119612 Thanks,  Release Management team      
Vijay_Nagaraj
Vijay_Nagaraj inside General Topics yesterday
views 4695 7

Time Based Rules

Hi team,I have a situation like am able to see lots of time based rules created in the firewall , in the overview screen am able to view 20 time based  rules , due to high volume of rules am not able to scroll it and find it , I tired filtering it , but I could not do it , also I don't have  any 3rd part tools to do the same, as of now I don't have the CLI access also, could any one let me know how to filter the same and see those rules in the dashboard please?Thanks in advanceV