This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
tAwiii
Explorer
‎2025-06-25 11:11 PM

SD-WAN problem with PPPoE

Checkpoint Quantum Spark 1900
Firmware version is R81.10.15 (996003913)

The product has bugs. The manuals do not contain complete information. Access to technical support is denied. There is no information how to change or approve customer account to account with valid software subscription account to read SK. Service Request (SR) or Tickets are sent only by the seller, but the seller has not responded for 3 weeks. Good work, Checkpoint. If support couldn't answer, may be someone could answer in community.

We have problem with SD-WAN and PPPoE, because ISP disconnect internet connection every 120 hours. We selected the option Prioritize in SD-WAN settings, and the appliance fails over reserve, but don't fall back until you will press SAVE-button on SD-WAN settings (without changes) or restart interface.
(01:30:12 24.06.2025 Security Alert SD-WAN steering change: ISP down WAN2 meets the steering condition, ppp0 is down - Before: ppp0. After: WAN2)

We decided to restart interface every 100 hours to be sure that we have two working ISP.

Step 1 - We made script: ISP.sh

#!/bin/bash
export SKIP_PERMISSION_CHECK="true"
export PATH=/opt/fw1/bin/:/usr/bin:/bin:/usr/sbin:/sbin
LOG_FILE="/var/log/steering.log"
echo "$(date): Starting script" >> "$LOG_FILE"
echo "Running as $(whoami)" >> "$LOG_FILE"
{
/pfrm2.0/bin/clish "set steering-object ISP2_Prioritize remove candidate ISP-1"
/pfrm2.0/bin/clish "set steering-object ISP1_Prioritize remove candidate ISP-1"
/pfrm2.0/bin/clish "set internet-connection ISP-1 disable"
sleep 30
/pfrm2.0/bin/clish "set internet-connection ISP-1 enable"
/pfrm2.0/bin/clish "set steering-object ISP2_Prioritize add candidate IPS-1"
/pfrm2.0/bin/clish "set steering-object ISP1_Prioritize add candidate IPS-1"
/pfrm2.0/bin/clish "set steering-object ISP1-Prioritize set candidate IPS-1 move up"
} >> "$LOG_FILE" 2>&1
echo "$(date): Script completed with exit code $?" >> "$LOG_FILE"

Step 2 - Make the script executable...

chmod +x /opt/fw1/bin/ISP.sh

Step 3 - We don’t have SMS for the Scheduler Job, so: Log in to the gateway via SSH in Expert mode and create a cron job.

# crontab -e
SHELL=/bin/bash
0 10 * * 1,5 /opt/fw1/bin/ISP.sh

Step 4 - Wait for the script to complete and check the logs.

# LOG_FILE
Tue Jun 24 2025: Starting script
Running as root
Tue Jun 24 2025: Script completed with exit code 0

Step 5 - The Internet connection does not restart. Possible causes and fixes? Please provide the correct steps.

0 Kudos
1 Reply
Amit_Navon
Employee
Employee
‎2025-06-26 01:25 AM

Hello @tAwiii 

Please use my direct email amitna@checkpoint.com

Will do my best to help with above issues.

 

Best Regards,

Amit Navon

Product Manager

SD-WAN

Check Point Software Technologies

 

0 Kudos
Upcoming Events

    Sort by:
    CheckMates Events