cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Christoph
Christoph inside Policy Management Friday
views 1010 8 1

Windows UI Scaling breaking R80.20 UI

I'm using the latest SmartConsole for R80.20 on Windows 10 and there are multiple areas where the UI breaks.I run a dual monitor setup. 4k 3840x2160 on a 42" with recommended 150% scaling and 2736x1824 with on a 13" with the recommended 200% scaling.Doing a few tests it looks like most, if not all problems are in the 150% scenario. The 200% feels ok.Reading checkmates it sounds like there shouldn't be problems with R80.10 regarding to windows scaling but with R80.20 there are problems all over the place.A few examples:Compliance blade:- Regulatory Compliance graphs are out of the screen with no scroll bars or only a hint of text is recognizable and overlaps with graphs.Cluster object:- Network ManagementNot all networks are shown. No scroll bar. You can still reach and alter these networks blind with cursor and enter keys.- GeneralOpening a dialog with a scaling of X on one monitor and moving the dialog to another screen with a different scaling keeps the initial scaling. Maybe a Windows feature.
Gerrard_Leach
Gerrard_Leach inside Policy Management Friday
views 5005 19 1

Error installing SmartConsole R80

Hello, I am attempting to install SmartConsole R80 and R80.10 on a Windows 2012 server.The installer gets to about 90% and then fails.I receive an error log and it shows in can't find SmartConsolePreInstall.bat and yet I see it in the folder[10-3-2017 15:25:05] OnInstallingFile: File=C:\Program Files (x86)\CheckPoint\SmartConsole\R80\PROGRAM\ExternalPackages\.NetframeworkInstaller.msi[10-3-2017 15:25:05] OnInstallingFile: File=C:\Program Files (x86)\CheckPoint\SmartConsole\R80\PROGRAM\ExternalPackages\DotNetSetup.exe[10-3-2017 15:25:05] OnInstallingFile: File=C:\Program Files (x86)\CheckPoint\SmartConsole\R80\PROGRAM\ExternalPackages\dotnetconf.txt[10-3-2017 15:25:05] OnInstallingFile: File=C:\Program Files (x86)\CheckPoint\SmartConsole\R80\PROGRAM\ExternalPackages\WindowsInstaller31.exe[10-3-2017 15:25:05] OnFirstUIAfter: Function Start[10-3-2017 15:25:05] Call_SmartConsolePostInstall: Could not find C:\Program Files (x86)\CheckPoint\SmartConsole\R80\PROGRAM\SmartConsolePreInstall.bat[10-3-2017 15:25:05] WriteProgressBarValuesToRegistry...[10-3-2017 15:25:05] | SOFTWARE\CheckPoint\Check Point Product Suite\ProgressBar ,percent ,70 | was set[10-3-2017 15:25:05] WriteProgressBarValuesToRegistry - END[10-3-2017 15:25:05] ProgramAfter: Function Start[10-3-2017 15:25:05] UpdateRegistry: Function Start[10-3-2017 15:25:05] SetComponentsReg: COMPONENT1 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT3 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT7 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT10 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT4 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT5 NOT Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT6 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT9 NOT Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT11 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT12 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT13 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT2 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT14 Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT15 NOT Installed[10-3-2017 15:25:05] SetComponentsReg: COMPONENT16 Installed[10-3-2017 15:25:06] ProgramAfter: Vc8 already installed[10-3-2017 15:25:06] WriteProgressBarValuesToRegistry...[10-3-2017 15:25:06] | SOFTWARE\CheckPoint\Check Point Product Suite\ProgressBar ,percent ,75 | was set[10-3-2017 15:25:06] WriteProgressBarValuesToRegistry - END[10-3-2017 15:25:06] CPLaunchApp: Failed to load DLL - C:\Users\gleach\AppData\Local\Temp\2\{9F8DC9EF-F853-4FB6-BC6F-13C202BEDFC0}\{F29C8957-4268-4505-A717-C0F75F6B075E}\system.dll[10-3-2017 15:25:06] OnAbort: Installation aborted.[10-3-2017 15:25:06] WriteProgressBarValuesToRegistry...[10-3-2017 15:25:06] | SOFTWARE\CheckPoint\Check Point Product Suite\ProgressBar ,percent ,75 | was set[10-3-2017 15:25:06] | SOFTWARE\CheckPoint\Check Point Product Suite\ProgressBar ,status ,failed | was set[10-3-2017 15:25:06] | SOFTWARE\CheckPoint\Check Point Product Suite\ProgressBar ,prevStatus ,failed | was set[10-3-2017 15:25:06] WriteProgressBarValuesToRegistry - END
Jake_Williams
Jake_Williams inside Policy Management Thursday
views 87 1

Inline layer vs separate rules

I finally got my firewalls all updated to R80.20 so now I'm looking at taking advantage of the layer options. One thing that occurred to me and I haven't been able to find an answer so far is how to best optimize rules when taking the inline layers into account.For example, say I have a firewall management rule section that allows certain traffic to the firewall. One rule for SSH/HTTPS from managers, one for DHCP requests to the firewalls, one for SNMP from our monitoring servers, etc. Is there a reason not to make those an inline policy with the main policy just src: Any dst: Firewalls svc: Any? Would doing it as an inline layer speed up the firewall itself, or does it split it out into the separate layers when it pushes policy (the inline layers are just for management ease of use/reuse)?Thanks!Jake
Haris_Chaudhry
inside Policy Management Thursday
views 5047 15
Employee

Firewall allowing traffic without Access Policy

Hello, I am new here. I am having an Issue with an R80.30 Gateway that is allowing inbound traffic on 443 without an access policy in place. I think it is based on NAT, I do have a DNAT in place for 443 traffic, I thought Access policy must be matched in order to allow traffic ? The said traffic is not showing up on any logs either. Fw monitor I can see the traffic hit the WAN side not I cant see any other details after that. I am filtering based on source IP. fw monitor -m iIoO -l 56 -T -e '{accept(((src=123.32.234.234,dport=443) or (sport=443,dst=123.32.234.234)),[9:1]=6);}'
Feridun_ÖZTOK
Feridun_ÖZTOK inside Policy Management Thursday
views 3757 20 3

SmartConsole object problem on Windows 1903

Hello everyone,I formatted my computer Windows 10 1903 version and install latest SmartConsole R80.10 and R80.20 . I found a cosmetics bug. This bug in object panel and object explorer. Item name dubliated or wrong display. Otherwise description true in object explorer. Clicked object and i saw true value. Problem not just in hosts. Service, application category etc. same problem. My computer language and regional setting English, my friends computer language and regional setting Turkish, He has same problem. Sorry for my bad English. I'm uploading screenshots. Does anyone else have this problem?
Tom_Cripps
Tom_Cripps inside Policy Management Wednesday
views 69 5

Certificate validity time hours after creation time

Hi,I've recently recreated our HTTPS inspection certificate due to it expiring soon but it created the certificate with a valid from time 3 hours after creation?Is this normal behaviour or has something gone wrong in the creation process? Due to this issue we've had to turn off HTTPS inspection until after the valid from time.Any help is appreciatedTom
Markus_Malits
Markus_Malits inside Policy Management Wednesday
views 881 4 2

Smart Console filtered rule export, including resolved object details

Hi,one of my customers is having a challenge with exporting filtered rules to CSV. This is AFAIK not possible at the moment in Check Point R8x SmartConsole - and I think it should be low hanging fruit to develop, and a feature that adds to reputation as the premium gold standard GUI in firewall management.What are your opinions to that one? Quick set of screenshots to make the problem clear:In demomode filter for a subnetuse export to csvrealize the export is containing all rules, and that there is no "export filtered rulebase" optionWhen this would be considered to be developed by R&D, it would be nice to have a possibility to export the relevant list of objects / groups as well.The usecase for this customer is to report all relvant rules (and have the details about srcs/dsts) for a tenant, while rules are spread across the rulebase of this perimeter firewall.Looking forward to your commentsBest regardsMarkus
Daniel_Hainich
Daniel_Hainich inside Policy Management Tuesday
views 87 4

Policy Verification

Hi,iam using R80.20 with SmartConsole Version 055.Within "Verify Access Control Policy" there is no Error. When i start to install Policy, this ends with Error.Is it an Bug or is the Verify not able to check inside sub-layers? ThanksDaniel
Daniel_Westlund
Daniel_Westlund inside Policy Management Tuesday
views 6027 13 6

R80.20 and Database Revision

I have heard from several customers asking for a return of Database Revision Control in R80.X. I know every policy is backed up, but once and object is deleted, it can no longer be recovered with anything short of a full restore from backup since DB Revision is gone. My question is this. I'd heard that there were plans to bring it back in a future version. As it's not there in R80.20, does anyone know if there are plans to bring it back, and if so, at which future version?
VFO
VFO inside Policy Management Tuesday
views 67 2

[ISSUE] Smartconsole : View Changes

Hello everyone. We are facing a problem with the Smartconsole in R80.10. Every time, when we do a "View Changes" before an Install Policy, the Smartconsole reboot. We can see any delta before the push. Someone have encounter this issue ? Thanks in advance. Kévin
Steve_Payne1
Steve_Payne1 inside Policy Management a week ago
views 545 4 3

Centrally managed HA pair over a VPN

we are running r77.30 (cant find a group for that) we have a centrally managed pair of firewalls, and looking to deploy another pair of centrally managed checkpoints, but they will be connected back to the central manager via a vpn through the existing checkpoint pair, and will connect via the public ip of the remote pairwe are able to get them sic, but once we start add rules we lose connectivityis there a guide to do this setupsee basic picture,
Shoyeb_Shaikh
Shoyeb_Shaikh inside Policy Management a week ago
views 49 2

Hits count on checkpoint firewall

Dear all hello to everyone Just need the information that how can we check the total hits for a particular rule on checkpoint firewall.live hits and his count (tracker will shows traffic continuously) i need total hits on that rule live.don't provide the tcpdump and FWmonitor that is packet cpatuer. Suggestion most welcome Thanks Shoyeb Shaikh
Daniel_Hainich
Daniel_Hainich inside Policy Management a week ago
views 319 4

Inline Layer in R80.20 after Migration from R77.30

Hello, after migration from R77.30 to R80.20 i want to use inline layers.can i do an "soft-migration" and add some inline layers?can i use ordered and inline-layers at the same time? in maxpower-book i read to not use "any" object. but in R80.20 demo mode, many rules are with any.so should i avoid any, or is it with inline-layers no problem to use any? thanksdaniel
Jon_Dyke
Jon_Dyke inside Policy Management a week ago
views 2409 11 2

Drops on accept rule

Hi AllI am currently having a very odd issue that I cannot get to the bottom of on pair of R80.10 gateways. I am seeing 'weird drops' on rules which are actually accept rules.Here is one example:-I open a browser on 192.168.3.14 and go to Intel.com. The site opens ok but :-fw ctl zdebug drop | grep 192.168.3.14shows:-;[cpu_0];[fw4_1];fw_log_drop_ex: Packet proto=6 192.168.3.14:50702 -> 34.238.108.124:443 dropped by fw_send_log_drop Reason: Rulebase drop - on layer "Site0-Simplified-Policy Secur" rule 3;Rule 3 is an accept rule!!!!Any help appreciated.ThanksJon
BeaconBits
BeaconBits inside Policy Management 2 weeks ago
views 47 1

Blocking Application based on Country?

Hello Everyone, Can we block the app based on the country on application blade? I looked but couldn't find any easy option unless I add the IP ranges of the country as a source. Not an efficient way!!! Regards,B