- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hi mates,
I upgraded the checkpoint SMS of my customer (VM) from R75.40 to R80.10 with the advanced upgrade ( exporting and importing the DB).
On the New VM, the SIC is okay with all the Gateways but when I try to install the policy from the new SMS with the version R80.10 I am encoutering lot of errors,
Please take a look on the file attached, there are the errors of the policy installation,
May some one had this problem?
But when I checked the result of ./pre_upgrade_verifier -p $FWDIR -c R75.40 -t R80.10 on the source i get that:
Action items before upgrade:
================================
Warnings: It is recommended to resolve the following problems.
==============================================================
Title: Legacy Default Profiles are not supported
-----
* Description: The Database has Legacy Default Profiles.
They will be deleted:
Read_Only,
Read-Write
==============================================================
Action items after upgrade, before first installation:
==============================================================
Warnings: It is recommended to resolve the following problems.
==============================================================
Title: OPSEC was modified in R80.
-----
* Description: The Database includes one or more OPSEC applications.
Please check your OPSEC vendor documentation for the following applications:
OPSEC_QRadar
Thank you for the help,
Aymen,
If you are encountering rule hiding errors during policy installation after the management upgrade to R80.10, that is not completely unexpected. The policy verification code was tightened up significantly in R80+ management, and policies that passed verification in R77.30 and earlier may not necessarily pass under R80+ management. Just a matter of going through your policy layers and resolving the conflicts like usual...
--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com
None of these errors in the pre_upgrade_verifier are related to your policy installation errors.
It would be helpful if you posted the actual errors you get during policy installation.
Like Tim Hall said, the policy verification code has been tightened up in R80.10.
There is no errors on the policy installation within the old SMS R75.40
I get those errors only on the R80.10 please see file attached and I still have the same error when I try to install the policy)
Here is the scrrenshot of the error
Force an update of your IPS signatures from the R80.10 SmartConsole.
--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com
Thank you Hall, that was a IPS signature problem, after an update, the problem was solved.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY