Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

R80.20 Supernetting per community

Just an FYI per lessons learned today. We upgraded our gateways from R77.30 to R80.20 and one of our VPN Communities would not work. Error was Invalid ID for P2. 

Following SK108600 it says to make sure the Global settings in GUIDBedit are True for ike_enable_supernetthen per community change the ike_p2_enable_supernet_from_R80.20 parameter from "by_global" to "false.

Well My settings for this community didn't show anything for the enable supernet. I was told by my SE to just make a change to the comment section of the community object for this in DashBoard and publish.

By doing this it added the ike_p2_enable_supernet_from_R80.20  and set it to False by global.

So all I had to do was push policy.

0 Kudos
2 Replies
Highlighted
Admin
Admin

Was it as simple as adding ike_p2_enable_supernet_from_R80.20 to the comment field of the relevant community object?
0 Kudos
Highlighted

I just added the name of the object in the comments. Once I published it added it. 

According to our Check Point SE there was a previous SR regarding this same issue and that was the recommendation solution.

There is a script that is supposed to run during upgrade that adds that field to the database. If it is not there it defaults to false. Making any change to the community and publishing forces the script which  adds the field.

0 Kudos