cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Oliver_Fink
Nickel

Re: Check Point 1400 Appliance - FAQ

Hi, Danny.

Your citation is exactly what I had in mind when I wrote: "I think can read between the lines of the documentation that you can only configure 2 nodes." As you did, I would conclude that Check Point thinks of a cluster of two nodes – same as in your first version of your answer did when you wrote that you never thought of more than 2 nodes. I also admit that I would not try a 1400 cluster with more than 2 nodes of my own accord.

But I cannot read explicitly that more than 2 nodes are not supported. I would not insist on this if there were no possibility to configure more nodes.

In the meantime I found sk138893: How to create Centrally managed cluster for Embedded Gaia SMB gateways. There at classic mode is also explained with "Add the two New Cluster members from the Option Window". So, I believe, you are right. But I added feedback to sk138893 requesting clarification.

Thanks for your support.

0 Kudos
Danny
Pearl

Re: Check Point 1400 Appliance - FAQ

That's the best thing you can do. In another thread regarding VLANs on physical interfaces that are already in use that's what helped clarifying if it's supported or not. It turned out that it's not while you can actually configure it.

0 Kudos
Oliver_Fink
Nickel

Re: Check Point 1400 Appliance - FAQ

I will keep you updated to put it into the FAQ.

0 Kudos

Re: Check Point 1400 Appliance - FAQ

Hey Danny Jung.

I think this FAQ could include information about console connection and the 115200 speed.

Oliver_Fink
Nickel

Re: Check Point 1400 Appliance - FAQ

Check Point added to the notes of sk138893: "In Classic Mode, the configuration of two nodes is supported."

In Wizard Mode only two nodes can be configured, in Classic Mode only two nodes are supported. Ergo: Embedded GAiA supports only 2-node clusters. Maybe this can be added to the FAQ.

Re: Check Point 1400 Appliance - FAQ

I recommend that this excellent FAQ is pinned to Featured Content section here. 

Oliver_Fink
Nickel

Re: Check Point 1400 Appliance - FAQ

In the past I had to connect an 1100 appliance to a console port server with 9600 bps. This can be done with:

fw_setenv baudrate 9600

The information about the speed of the console port can be retrieved with:

fw_printenv -n baudrate

Maybe this is also something for the FAQ.

0 Kudos

Re: Check Point 1400 Appliance - FAQ

Surely that is something for the FAQ - the fw_setenv command is documented only in sk135332: Console is not connecting after restoring to Factory Default on SMB appliances

Details: "sw show port serial speed" and "fw_printenv baudrate" commands do not show the same value. ........... Also the following workaround is available: change the Serial port - Port speed from Device -> Advanced Settings to match the output from the command "fw_printenv baudrate" and this should restore console access.

Second command from expert mode is sw set port serial speed 115200

0 Kudos

Re: Check Point 1400 Appliance - FAQ

Сan anyone tell how to see who has connect through VPN?

0 Kudos

Re: Check Point 1400 Appliance - FAQ

In R77.20.85 (with local management) there is a "Connected Remote Users" section in the VPN tab.

0 Kudos

Re: Check Point 1400 Appliance - FAQ

Hello, this FAQ is really well built, thanks.

Just one question where I didn't find the confirmation for : Are Inline and/or Ordered Layers supported by 14XX appliances ? 

Thanks.

0 Kudos
Admin
Admin

Re: Check Point 1400 Appliance - FAQ

Not supported.

This is because the code is still based on R77.x.

I assume once we move to an R80.x codebase for the SMB appliances, they will be supported.

Re: Check Point 1400 Appliance - FAQ

Hi Danny Jung, i think debugging VPN on SMB appliances is done by debugging sfwd and is written to sfwd.elg (see sk62482).

0 Kudos
Admin
Admin

Re: Check Point 1400 Appliance - FAQ

The way to check IPS and AV signature package version from CLI is: pt bladeUpdateStatus

0 Kudos
Highlighted
akcent_stone
New Member!

Re: Check Point 1400 Appliance - FAQ

Very Nice Content..

VENKAT_S_P
Copper

Re: Check Point 1400 Appliance - FAQ

Question:

Whether the healthcheck script - sk121447 work on these SMB boxes (being embedded gaia)?

0 Kudos

Re: Check Point 1400 Appliance - FAQ

How to check the VPN topology that was generated for managed Gaia Embedded appliances?

Hello all:

 

Is there a way to check the loaded VPN topology  for a centrally managed Appliance ? 

in order to verify:

  • VPN Servers and interfaces
  • Subnets or vpn domains 

in a few words... the equivalent of sk64040 for the Gaia Embedded appliances. 

 

the main reason is for troubleshooting purposes... (very helpfull for me on SMB appliances). 

 

thanks in advance for your time and comments. 

 

0 Kudos