Author: Danny Jung Q: What's the official product site ?A: Check Point 1400 Appliance | Datasheet | Support CenterQ: What's the 1400 Appliance's SecureKnowledge article ?A: sk110985 | Release Notes | Known LimitationsQ: Where can I find Getting Started Guides ?A: Centrally Managed 1430 / 1450 Appliances | Centrally Managed 1470 / 1490 Appliances Q: What's new ?A: The Check Point 1400 Appliance series was introduced at the Check Point Experience 2016 in Nice, France and is the successor to the 1100 Appliance series. As such it features the best All-In-One NGF Enterprise-Class Security solution for Branch Offices. The 1400 Appliance integrates an 8/18-Port Switch (Layer 3, managed), DSL modem (Annex A/B), Next Generation Firewall (including a NAT Router, Threat Prevention, IPS, Anti-Virus, Anti-Spam, Application Control & URL Filtering), Identity Awareness, Mobile Access, WLAN Router, Wi-Fi Hotspot, PoE and more. It also offers dynamic routing, quick deployment functions, 3G connectivity using a USB or Express Card support, multiple Internet connections, Policy Based Routing, DDNS (DynDns, No-IP), and more is planned with the upcoming firmware releases.Q: How does it look like ?1430/1450 Appliance with WiFi option:1470/1490 Appliance with WiFi & PoE option:Q: Which 1400 Appliance license models are available ?A: 1430 Appliance -> replaces 1120 & 1140 ApplianceA: 1450 Appliance -> replaces 1180 ApplianceA: 1470 ApplianceA: 1490 ApplianceQ: Can I upgrade the licensed model later on (1430 -> 1350 or 1470 -> 1490) ?A: Of course. Read here. Q: Which 1400 Appliance hardware models are available ?A: Model: L-71 Check Point 1430/1450 AppliancesA: Model: L-71W Check Point 1430/1450 WiFi AppliancesA: Model: L-72 Check Point 1470/1490 AppliancesA: Model: L-72W Check Point 1470/1490 WiFi AppliancesA: Model: L-72P Check Point 1470/1490 PoE AppliancesThe hardware doesn't differ between 1430 / 1450 and between 1470 / 1490 appliances. It's the license that limits the appliance and locks it down to the licensed system qualities.Q: What does the boot screen show ?A: Code: U-Boot 2015.01-alpine_db_s1-1.65.1-HAL (Nov 17 2016 - 10:24:23) Check Point version: 85 I2C: ready DRAM: 1 GiB ______ __ __ _______ _ _ .' ___ |[ | [ | _ |_ __ \ (_) / |_ / .' \_| | |--. .---. .---. | | / ] | |__) | .--. __ _ .--. `| |-' | | | .-. |/ /__\\/ /'`\] | '' < | ___// .'`\ \[ | [ `.-. | | | \ `.___.'\ | | | || \__.,| \__. | |`\ \ _| |_ | \__. | | | | | | | | |, `.____ .'[___]|__]'.__.''.___.'[__| \_] |_____| '.__.' [___][___||__]\__/ power_init_board: EEPROM per device information - using defaults! Board config ID: alpine_db (S1-L71) NAND: 1024 MiB 00:00.0 - Network controller 00:01.0 - Network controller 00:02.0 - Network controller 00:03.0 - Network controller 00:04.0 - Cryptographic device 00:05.0 - Base system peripheral 01:00.0 - Serial bus controller In: serial Out: serial Err: serial Verifying CRC for settings area... Done ************ Hit 'Ctrl + C' for boot menu ************ ## Booting kernel from Legacy Image at 08001000 ... Image Name: Linux-3.10.20-al-5.0-pr2 Created: 2017-05-21 12:24:05 UTC Image Type: ARM Linux Kernel Image (uncompressed) Data Size: 8710168 Bytes = 8.3 MiB Load Address: 00008000 Entry Point: 00008000 Verifying Checksum ... OK Loading Kernel Image ... OK Starting kernel ... Uncompressing Linux... done, booting the kernel. INIT: version 2.88 booting Booting Check Point User Space... INIT: Entering runlevel: 3 System Started... Q: What are the differences between the Wi-Fi-FCCA and Wi-Fi-WORLD SKUs and which should I order ?A: The FCCA SKU is for the United States. The WORLD SKU is for the rest of the world.Q: What is the sizing recommendation ?A: The sizing recommendation is based on SPU (SecurePower Units).A: 1430 Appliance -> 75 SPU (Home Office)A: 1450 Appliance -> 141 SPU (Home Office)A: 1470 Appliance -> 194 SPU (Branch Office)A: 1490 Appliance -> 233 SPU (Branch Office)Q: Do I have to renew the Threat Prevention blades to get updated signatures ?A: Yes. The service blades are for 1 year, two or three years. When this period ends, they must be renewed to get updates.Q: What are the throughput rates of the 1430 / 1450 / 1470 / 1490 appliances when used in production ?A: Firewall: 900 / 1100 / 1600 / 1800 MbpsA: Firewall & Threat Prevention: 90 / 150 / 175 / 220 MbpsQ: How do the 700 Appliance models differ from the 1400 Appliance models ?A: The 700 Appliance models are technically identical to the 1400 Appliance models. They even use the same firmware. However, they are branded and sold as an All-In-One solution for the SMB market and therefore cannot be managed centrally by a Check Point SmartCenter Server, just like the Check Point Safe@Office Appliance line they replaced.Q: How do I get started ?A: Check Point provides this Getting Started Guide.Q: What is part of the content package ?A: The appliance itself, a power supply, two network cables, a serial console cable, a USB cable for console connection and the usual Getting Started Guide.Q: What CPU is working inside ?A: ARM926EJ-S rev 1 (v5l)Q: What operating system is it running on ?A: The 1100 Appliance says: Check Point GAiA Embedded R77.20Q: What are the features of Check Point GAiA Embedded OS ?A: Check Point lists it right here.Q: How much RAM does it feature ?A: 1GB RAMQ: Which MAC addressing scheme is used for the 1400 Appliance series ?A: 00:1C:7F:__:__:__Q: From which SmartCenter version upwards can 1400 appliances be managed centrally ?A: R77.30 with 1400 appliance types add-on (Download).A: R80 with 1400 appliance types add-on (Download).Q: What is the most recent firmware version ?A: Check Point lists all 1400 firmwares in sk97766. Firmware Build Date   R77.20.20 (990170830) [Apr 14 2016] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30) R77.20.22 (990170838) [Jun 14 2016] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30) R77.20.31 (990170952) [Aug 01 2016] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30) R77.20.40 (990171107) [Oct 06 2016] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30) R77.20.51 (990171302) [Feb 09 2017] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30 | R80) R77.20.60 (990171684) [Oct 08 2017] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30 | R80) R77.20.70 (990171948) [Nov 08 2017] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30 | R80) R77.20.75 (990172239) [Jan 30 2018] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30 | R80) R77.20.80 (990172392) [Jul 10 2018] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30 | R80) R77.20.81 (990172525) [Oct 25 2018] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30 | R80) R77.20.85 (990172755) [Jan 02 2019] | Release Notes (PDF) | Resolved Issues | SmartUpdate Package (R77.30 | R80) R77.20.86 (990172840) [Mar 20 2019] | sk144852 | Release Notes | Resolved Issues | SmartUpdate Package (R77.30 | R80)   Q: Which is the default management port ?A: Port 4434/tcp (https://192.168.1.1:4434)Q: Which browser should I use to manage it ?A: Only use the latest version of Google Chrome. There are some issues known when using Microsoft Internet Explorer to export VPN certificates and when using any Web browser on Apple Mac OS X.Q: How can I find things quickly ?A: Use the search form at the upper right corner. Q: Where can I find the sitemap for quick access to all available configuration pages ?A: Right under "Home > Site Map". Q: Where can I quickly view my 1400 Appliance's status in the Web UI ?A: Right at the status bar. Mouse-overs provide you with quick status overviews, clicks forward you to the specific configuration pages. Q: Which SD card types are supported ?A: SD-HC card types up to 32GB only. If inserted the 1400 Appliance will automatically format them. Logs can then be saved to the card.Q: Which 3G modems are supported ?A: Check Point lists all supported modems in sk92809. Model Type Port Support Reference Huawei E372u-8 USB sk92809 Huawei Huawei E173s-2 USB sk92809 TP-Link MA260 USB sk92809 ZTE MF669 USB sk92809 Multi-Tech MTC-H5-B03 USB sk92809 Novatel MC547 USB sk92809   Q: Which 4G/LTE modems are supported ?A: Check Point lists all supported modems in sk92809. Model Type Port Support Reference Huawei (Vodafone) K5150 USB sk92809 Huawei E398 USB sk92809 Sierra G-MC7710u Industrial USB sk92809 Sierra AirCard 312U USB sk92809 Sierra AirCard 313U USB sk92809 NCXX NCXX UX302NC USB sk92809   Q: The 1400 appliance type is missing in R77.30 / R80 SmartDashboard ?A: Check Point provides a procedure for R77.30 and R80 to add it.Q: Why do I have issues changing the filtering list of allowed MAC addresses for wireless connections ?A: This is a known issue in current releases. Only change wireless settings when you are directly connected to your 1400 Appliance. Changing wireless settings, such as the MAC address filtering list, when connected per WLAN (via Wi-Fi) leads to a permanent error in the configuration that won't even be resolved by connecting directly later on. Only a complete reset of the 1400 Appliance will currently help fixing this issue.Q: Why does my 1400 Appliance not perform as fast as my previous UTM-1 Edge N Appliance ?A: The 1400 Appliance performs far more security functions than a UTM-1 Edge N, thus why you are seeing differences in performance. By disabling blades you are not using in Home > Security Dashboard, performance should improve. Always keep in mind that a 1400 Appliance is Check Points smallest NGTP Appliance, designed for the best security even at small and home office environments. Since it's an Embedded Appliance running on an ARM CPU it's by design of the product that it's performance assets are quite limited. The more blades it has to run, the less the overall performance will be.Q: Why do I get an error when activating my Check Point 1400 Appliance ?A: It's always recommended to activate the Check Point 1400 Appliance manually. Therefore just generate and download the activation file in your Check Point UserCenter account. Then activate your 1400 Appliance with the downloaded activation file. Backup the activation file for later activations.A: As described in sk93382, doing the activation  can cause several errors, like 'Maximal number of activations exceeded.' or 'Cannot find registration information for the appliance in the Check Point User Center. Currently using trial license.'Q: Does the 1400 Appliance support clustering ?A: Of course. ClusterXL and Internet High Availability (HA -> Active/Standby) is fully supported. Only Internet Load Sharing (LS) is supported though. This applies for local and central management. Q: How to configure a cluster between two locally managed 1400 Appliances ?A: sk121096 describes the correct procedure. Q: How can I create a custom boot script / disable SecureXL permanently ?A: sk65015 describes a solution where a custom userScript can be created that will be loaded after each reboot. It's actually as simple as putting your commands or scripts containing full paths in /pfrm2.0/etc/userScript Code: [Expert@fw]# cd /pfrm2.0/etc/ [Expert@fw]# vi userScript [Expert@fw]# chmod 777 userScript   Q: How is synchronization configured in a 1400 Appliance cluster ?A: The Sync interface is usually configured on LAN2. Using the wireless interface as the Sync interface is not supported.A: Before configuring a local cluster, make sure that the sync interface is unassigned by checking the Device > Local Network page in the WebUI.A: sk52500 describes how to configure a Sync interface other than LAN2.Q: How can I quickly check the top firewall policy rule hits ?A: Login to your 1400 Appliance via SSH. Enter the command: show rule-hitsQ: How can I securely copy files via scp to/from my 1400 Appliance ?A: Just enable Scp access with this expert-mode command: bashUser on Code: [Expert@fw]# bashUser on user: admin Bash login enabled. Scp access enabled. Note: Your default shell will now be bash, and when you login you will enter expert mode. We recommend that you use clish as your default shell, and move to expert mode only when necessary. You can move from bash to clish using the "clish" command. To restore your default shell to clish run "bashUser off"   A: Disable Scp access after copying your files via: bashUser off Code:     [Expert@fw]# bashUser off user: admin Bash login disabled. Scp access disabled. Cpshell enabled.     A: sk52763 describes the same procedure for using WinSCP.Q: Can I run my own scripts on the 1400 Appliance ?A: Yes. They will not survive a firmware upgrade though, so keep track of your additions/modifications and recreate them after upgrading.Q: How can I save local backups most easily ?A: Just connect a standard FAT-formatted USB stick to the back or front USB port of your 1400 Appliance as a local storage device for backups. Code:     clish> backup settings to usb Creating backup... Uploading backup_filename.zip to the USB device Upload complete Your settings have been successfully backed up and saved on your USB drive     A: Please note: An empty backup file will be created if the 1400 Appliance just runs with a trial license. To overcome this issue, you'd need to backup the specific files manually.Q: Is dynamic routing supported ?A: Of course.Q: Which ports do I need to allow in order for my 1400 Appliance to be able to talk to my Check Point Security Management / Log Server ?A: sk93566 lists the ports that need to be allowed. Usually it's:1: Src - Any, Dst - Security Management server IP, TCP port 18210 (service FW1_ica_pull)2: Src - Any, Dst - Security Management server IP, TCP port 18191 (service CPD)3: Src - Any, Dst - Log Server server IP, TCP port 257 (service FW1_log)Q: How can I set up a certificate based VPN on my 1100 / 1400 Appliance ?A: Danny Jung has written an article about Certificate based VPNs with Check Point appliances.Q: How can I troubleshoot VPN issues on my 1100 /1400 Appliance ?# Web UIA: Check for any related VPN log entries at Logs & Monitoring > Security LogsA: Check the status of your VPN tunnels at VPN > VPN TunnelsA: Test your VPN configuration at VPN > VPN Sites# ConsoleA: You can do a full IKE debug in Expert Mode via these steps:Step 1: Turn on VPN debug mode: vpn debug tunc; vpn debug on TDERROR_ALL_ALL=5Step 2: Recreate the VPN issueStep 3: Turn off VPN debug mode: vpn debug off; vpn debug ikeoffStep 4: Copy $FWDIR/log/ike.elg to your PC and inspect it with IKEViewQ: How can I disable the First Time Configuration Wizard ?A: The First Time Configuration Wizard will be disabled by default after completing it.A: You might also disable it manually by executing the following command at the console: set property first-time-wizard off Code:     $ ssh -l admin 192.168.1.1 admin@192.168.1.1's password: > Welcome to CLISH. The First Time Configuration wizard was not completed yet > NOTE: The First Time Configuration wizard may delete or override some of the settings you set in CLISH > To disable the First Time Configuration wizard (and USB automatic configuration) please run "set property first-time-wizard off" clish>     Q: How can I run the First Time Configuration Wizard again ?A: You can run it once by entering the following command at the console: set property first-time-wizard once Q: How do I successfully establish a VPN connection with a locally managed 1100 Appliance using certificates ?A: While the Check Point 1100 Appliance was primarily designed to be centrally managed in corporate enterprise networks it is also possible that there is a locally (i.e. externally managed) 1100 Appliance that needs to be configured for a VPN connection to your corporate Check Point VPN gateway / cluster. Even dynamically assigned IP address (DAIP) gateway solutions which have to keep up a permanent VPN tunnel to the corporate office are possible. sk94028 describes the full configuration procedure.Q: How do I set up certificate based VPNs with my Check Point 1100 / 1400 appliance ?A: Please read my article about how to set up certificate based VPNs.Q: Why does no traffic pass through the VPN tunnel between my 1400 Appliances and an interoperable device ?A: You probably forgot to mark the interoperable device as a Check Point gateway as described here.Q: Which clustering technology is being used by the Check Point 1400 Appliances ?A: Check Point ClusterXL.Q: Can I configure a locally managed Check Point 1400 Appliance cluster by using two different 1400 models ?A: Yes. However, clusters should be always configured using identical cluster nodes for better consistency, stability and reliability.Q: Can I configure a Check Point 1400 Appliance cluster with cluster nodes running on different firmwares ?A: No. This would lead into the following error:Q: Is there any other limitation when considering to run Check Point 1400 Appliances in clustering mode ?A: Yes, you can't neither use switches nor bridges in the local configuration of your 1400 Appliances. Q: How do I know if my inactive cluster node became active when running Check Point 1400 Appliances in clustering mode ?A: In centralized management just check SmartView Monitor. In local management you'll receive a notification in the WebUI. Q: How do I know if my active cluster node became inactive when running Check Point 1400 Appliances in clustering mode ?A: In centralized management just check SmartView Monitor. In local management you'll receive a notification in the WebUI. Q: When running Check Point 1400 Appliances in clustering mode, how can I manually change the activity of the cluster nodes ?A: In centralized management just change the priority of the cluster nodes in the cluster object properties and install the security policy.A: In local management you can force a member down by hitting the button 'Force Member Down' in the WebUI of the specific cluster node.A: You can always use the typical ClusterXL commands at the console to control your Check Point 1100 Appliance cluster. (i.e. clusterXL_admin up/down)Q: I configured a Check Point 1400 Appliance cluster but still keep getting errors ?A: Don't forget to reboot your Check Point 1400 Appliances right after the cluster configuration in order to get the cluster working. Otherwise you might see blocked connections for the service 'CP_Cluster_sync' in your log files. Q: I keep getting an 'Error during OS sync' at the end of my Check Point 1400 Appliance cluster configuration ?A: To overcome this issue just reboot your Check Point 1400 Appliance without closing the error window shown below. Q: Why are connections to TCP port 443 blocked on my 1400 Appliance ?A: Because this port is already being used by the Visitor Mode functionality for Remote Access users. sk93746 provides a solution.Q: Why is my VoIP phone not working behind my locally managed 1400 Appliance ? Why does my IPS blade still blocks SIP traffic with the error message 'IPS - SIP data malformed or Error with SIP data.' even after I turned it off ?A: Because on Check Point 1400 Appliances that are locally manged, the implicit policy rules of the IPS blade are working, even if the blade is turned off or an exception rule is created. sk93200 provides a solution by changing the default port (5060) of the SIP_TCP and SIP_UDP objects and creating two new ones. This circumvents the content inspection engine and therefore will allow your VoIP phone to work.Q: How do I to create an "Allow and Forward" rule on my locally managed 1400 Appliance ?A: sk93588 describes how to make use of the server types for this.Q: Is a 19" rack mount kit available for my 1400 Appliances ?A: Yes, just order the 1400 rack mount kit accessory which will allow housing two 1400 Appliances side-by-side in a 19” wide rack. Q: Is there an  DEMO of the 1400 appliance avaiable ?A: While there isn't an  demo for the 1400, there is one for the 700 which is very similar to the 1400 when locally managed. -------------------------------------- 700 Appliance  demo Login: demo Password: checkpoint -------------------------------------- Q: How to remotely reset the admin / expert password on Centrally Managed 1100 / 1200R / 1400 appliance from a Security Management Server ? A: sk119633 provides a solution. Q: What's missing ?A: The integrated Terminal Console window that the GAiA Portal features.A: A visual overview about all ports and their connection status, similar to what the UTM-1 Edge offered under Network > Ports.A: More information on the System Information page. Like cluster status, VPN status, connected USB sticks or SD cards etc.A: An option to allow two or more Admins to login to the WebUI at the same time.

It is very hard to keep up with documentation and SKs while all is constantly changing. I am collecting material and will present it here completely. Also see this list SMB documents for more. Please be aware that Check Point may remove, change or replace SKs at any time, so it may well be that many of the documents listed here are not accessible anymore… skI1915     Configuring Dynamic Objectssk20576    How to set ClusterXL Control Protocol (CCP) in Broadcast / Multicast mode in ClusterXLsk24102    Adjusting system-idle time on Gaia, Gaia Embedded and SecurePlatformsk25129    Supported platforms for ISP Redundancysk26059    Removing LDAP queries from the Implied Rulessk26202    Changing the kernel global parameters for Check Point Security Gatewaysk31631    What is the maximum number of interfaces supported by Check Point software?sk31692    RADIUS/SecurID packets are being picked up by an implied rule instead of being encryptedsk32250    How to automatically enter SecurePlatform and Gaia Expert Mode upon loginsk32578    SecureXL Mechanism sk33402    Support for FTP EPRT and FTP EPSV commands per RFC 2428sk33422    Office Mode IP and ipassignment.conf file sk34312    Deploying a Security Gateway in Bridge mode over a Trunk linksk35292    How to disable FW1_ica_services on port 18264sk35551    Directed Broadcast traffic is not forwardedsk35945    RTSP traffic is dropped when SecureXL is enabledsk36869    "TCP segment with urgent pointer. Urgent data indication was stripped. Please refer to sk36869." log in SmartView Tracker / SmartLogsk37692    How to determine the exact model of Check Point appliance from the CLI sk38848    Practical troubleshooting steps for logging issuessk40179    What are the characters and reserved words forbidden for use in Check Point Security Gateway and Security Management? sk44233    DCE-RPC Interface UUID do not pass through Security Gateway, despite the rulebase allows such trafficsk44852    How to configure a Site-to-Site VPN with a universal tunnelsk52180    Security Gateway 80 - R71 Known Limitationssk52500    Configuring a Sync interface other than LAN2 on Embedded Appliances clustersk52520    How to run commands at boot on an SG80/600/1100/1200R -- UserScriptsk52763    Connection to Security Gateway 80 or 1100 Appliance with WinSCP failssk53580    How to remove Alias IP address from Security Gateway 80_600_1100 appliance without reboot sk60080    Disk space tips and tricks for SecurePlatform / Gaia / IPSO / Linux OSsk60793    Configuring Security Gateways to allow connection of networks to a PPTP server while using Hide-NAT (GRE and Hide-NAT support) sk61701    CoreXL Known Limitationssk61781    FTP packet is dropped - Attack Information: The packet was modified due to a potential Bounce Attack Evasion Attempt (Telnet Options)sk62082    How to allow TCP/UDP packets with IP options through Check Point Security Gatewaysk62482    How to debug VPN issues on Security Gateway 80 / 600 / 1100 appliancessk62560    How to run complete VPN debug on Security Gateway to troubleshoot VPN issues?sk62822    Link Selection probing feature is not supported on Security Gateway 80_600_1100 appliancessk63560    How to run complete VPN debug on Security Gateway to troubleshoot VPN issues?sk65015    How to disable SecureXL permanently on Security Gateway 80_600_1100 appliancesk65060    How to cause a manual fail-over in ClusterXL on SG-8x appliances  sk65123    HTTPS Inspection FAQ sk65637    Typical ADSL configuration of various worldwide ISPs  sk66381    How to configure Management behind NAT in Security Gateway 80 / 1100 Appliance setup appliance sk66520    "cphaprob -l list" command shows that Device "ConnMonitor" reports its state as "problem" on Gaia Embedded cluster membersk66576    Traffic is dropped by IPS protection "TCP Segment Limit Enforcement" due to attack "TCP segment out of maximum allowed sequence"sk69726    VPN Routing does not work and traffic to other satellites leaves in_clear_when setting up SmartLSM profile in Star Community appliance sk79880    Traffic is dropped by cphwd_offload_conn Reason: VPN and/or NAT traffic between accelerated and non-accelerated interfaces or between non-accelerated interfaces is not allowedsk83520    How to verify that Gateway and/or Security Management Server can access Check Point servers?sk83700    How to customize and localize the UserCheck portalsk86321    How to debug FWD daemonsk86521    Reset SIC without restarting the firewall processsk87520    SMB Appliances - How to connect to the office using Check Point Remote Access (VPN) clients?sk87522    600/700 Appliance - How to connect to the office using SSL VPN?sk87523    600/700 Appliance - How to connect to the office using Windows 7 VPN (L2TP client)sk89320    SIP traffic passes successfully only in one direction through Security Gateway with ISP Redundancysk90342    Check Point 1100 Appliance Known Limitationssk90470    Check Point SNMP MIB filessk91842    Check Point 600 Appliance Known Limitationssk92281    Location of 'implied_rules.def' files on Security Management Serversk92332    Location of 'vpn_table.def' files on Security Management Serversk92445    Check Point R75.20 GA for 600 / Security Gateway 80 Appliancessk92446    Check Point R75.20 GA for 1100 / Security Gateway 80 Appliancessk92447    Status of OpenSSL CVEssk92465    Slow Site-to-Site VPN affected by Virtual Defragmentationsk92732    1100 appliance type is missing in R75.46 / R76 SmartDashboardsk92809    Supported 3G and 4G/LTE Modems with Check Point 600 / 700 / 1100 / 1200R / 1400 / 910 appliancessk92883    site to site between 1100 appliance and 3rd party doesn't worksk93200    SIP traffic is blocked by IPS default policy on 600_1100 appliance sk93333    600 / 1100 / 700 / 1400 SMB appliance Wi-Fi regions and SKUsk93344    SmartProvisioning Hotfix for 1100 appliance sk93382    'Cannot find registration information for the appliance in the Check Point User Center. Currently using trial license.' error during Step 8 of 9 of the Check Point 1100 Appliance Wizard setupsk93385    Policy installation onto SG 80 appliance or 1100 appliance fails with '*** glibc detected ***' errorssk93532    "invalid certificate" error when trying to establish a Site-to-site VPN with locally managed Check Point 600 or 1100 appliance using internal certificatesk93537    Traffic does not pass through the VPN tunnel between interoperable device and 1100 Appliance sk93566    DAIP / LSM SMB appliance has connectivity issues with Security Management / Log serversk93588    How to create_Allow and Forward_rule on Locally Managed SMB appliance sk93595    How to resolve the 'License may not match device' errorsk93613    How to enable Remote Desktop from specific host on the Internet to a server behind 600_1100 appliancesk93746    Connection on TCP port 443 is blocked on 600 and 1100 appliances sk93776    How to uninstall R75.47 from upgraded Security Management Server that manages Security Gateway 80 and 1100 appliances with WLAN or VAP interfaces through SmartProvisioningsk94028    How to configure Site-to-Site VPN between a Locally Managed 600 / 1100 appliance and a Security GWsk94695    SNX VPN disconnects every 20 minutes when connecting to Check Point appliances 600 / 1100sk95009    Failure to establish SIC or push policy to 1100 appliancesk95012    "Policy installation is not supported for the target, operation ended with errors" when installing policy onto 1100 appliancesk95027    'This gateway does not have a valid license for the Cloud Management' error when configuring Cloud Management in Check Point 600 appliance via WebUI.sk95134    How to debug IPS, Application Control and Anti-Virus update failure on 600_1100 appliancessk95149    Logs show that IPS drops e-mails on Locally Managed 600 / 1100 appliancessk95147    Location of 'base.def' files on Security Management Serversk95208    MIB files location in 600 and 1100 appliancessk95209    Anti-Virus blade is disabled in 1100 appliance WebUI and in SmartDashboard objectsk95236    GUI not showing the correct MAC or firewall type after importing backupsk95349    Traffic outage on the network when connecting two dedicated ports on two 1100 series appliances with a crossover cable for Syncsk95448    600_1100 appliance does not send logs to Log Serversk95570    'Another service has overlapping ports' error when editing a Service in 600 / 1100 appliance WebUIsk95769    Configuring Proxy ARP for Manual NAT on Locally Managed 600_1100 appliancessk95770    Changing the priority of Internet connections on Locally Managed 600_1100 appliancessk95967    BGP on Gaia OSsk95968    OSPF on Gaiask95969    List of Implied Rules for R75.20.X sk96071    Check Point  600/1100 Appliances drops GRE packetssk96130    "Error has occurred while applying the QoS settings (error 00356)" on locally managed 600 / 1100 appliancesk96189    How to debug random reboot issues on 600/1100 Locally or Centrally Managed appliancesk96246    Documentation For Check Point Appliancessk96666    1100 Appliance does not authenticate LDAP users when connecting with Endpoint VPN clientssk98722    ATRG: SecureXLsk96726    Site to Site status shows down in the GUI for 600 and 1100 but tunnel is upsk97286    Policy installation in WebUI or CLI fails on Security Gateway 80 appliancesk97071    Check Point 600/1100 Appliances drops GRE packetssk97529    Check Point 1100 appliances cannot be configured as Center Gateway in Star Topology VPN communitysk97585    After enabling Hotspot mode on 1100 appliance, the /fwtmp/ partition starts filling up and its size never decreasessk97638    Check Point Processes and Daemonssk97751    Identity Agent support and configuration on SMB Appliancessk97771    SNX portal fails to load on 1100 Appliancesk97810    Centrally Managed 1100 appliance does not send logs to Management Server sk97867    Policy installation on 1100 Appliances from SmartDashboard fails when there are more than 10 objects of 1100 gateways defined sk97926    Cannot select 1100 firmware in Provisioning Profile, or create an externally managed 1100 device in Dashboardsk97949    SmartView Tracker logs shows that X11 traffic was rejected as "Attack Name: X11 Enforcement Violation"sk97973    Server objects with Static NAT changed its IP to gateway IP addresssk98070   Traffic sent over a VPN tunnel does not reach its destination because SecureXL does not start fragmenting the packetssk98089    Application Control_URL Filtering logs from 600_1100 appliance show only some URLs from the session when using_Extended Logsk98112    "The resource is temporarily unavailable" message when trying to access the SNX Portal on a 1100 appliance sk98149    DNS proxy reachable from external interfaces on 1100 appliancessk98157    Centrally managed 1100 appliance with multiple external interfaces fails to re-establish VPN tunnelsk98190    How to configure Route-Based VPN with BGP on Locally managed 600_1100 appliancesk98221    'Failed to read file' error when trying to import an Internal CA to 600/1100 appliance exported from another 600 appliancesk98239    Location of 'user.def' files on Security Management Serversk98241    Location of 'crypt.def' files on Security Management Serversk98265    Cannot install policy on 1100 appliance, policy status is 'waiting'sk98332    Security enhancements for 600 / 1100 Appliance and Security Gateway 80sk98339    Location of 'table.def' files on Security Management Serversk98348    Best Practices - Security Gateway Performancesk98353    Check Point support for DHCP option 119 (Domain Search Option) per RFC 3397sk98474    SIC fails with an 1100 Appliance with 'peer sent wrong DN' errorsk98487    Website partially loads if users are behind 600_1100 gatewaysk98549    How to Burn Check Point 600 / 700 / 1100 Appliances version with Disk-On-Keysk98604    No valid SA when creating VPN tunnel between 600 appliance and 3rd party gatewaysk98606    Policy installation / fetch fails on Centrally Managed 1100 due to insufficient disk space on /fwtmp partitionsk98668    600 Appliance tries to connect to the Mobile Access blade when it is disabledsk98731    How to replace the existing expert password on 1100 Appliancesk98748    VPN Routes created for 1100 clusters in the 'vpn_route.conf' file are not pushed to 1100 appliancessk98858    DHCP daemon saves dhcpd.conf.LANx file incorrectly on 1100_600_Security Gateway 80 appliancesk98927    How to set the value of parameter "bpdu_forwarding" (BPDU forwarding) to survive rebootsk98981    Client cannot reach resources on the remote site sk98982    The WebUI of 1100 appliance displays wrong expiration datessk99011    How to determine the Check Point appliance from CPinfo filesk99015    Policy installation onto Centrally Managed 1100 appliance fails due to over-sized 'local.cfg' filesk99047    Static routes are missing after upgrading SG80 from R71.45 to R75.20sk99055    Source IP address is NATed to the external IP on locally managed embedded Gaia appliancessk99117    How to configure DHCP Option 66 on Check Point 600_1100 appliancessk99131    ADSL fails to connect in CP600_1100sk99132    Setting SNX connection timeout in 600_1100 appliances for R75.20 HFA50sk100199   Unable to enable traditional AV on 1100 cluster objectsk100236   DHCP is not providing an IP address on Locally managed SMB appliancessk100239   How to configure PIM on Gaia OSsk100242   Although DDNS on the Locally Managed 600_1100 appliance renewed the IP address, VPN clients still connect to the previous IPsk100245   Site-to-Site VPN between 600_1100 appliance and Safe@Office device does not pass trafficsk100246   Check Point IPS Protections for OpenSSL "Heartbleed" vulnerability (CVE 2014-0160)sk100248   When connect to Check Point 600/1100 appliances via L2TP  and then disconnect, unable to reconnect for several hourssk100250   'failed to read the file' error when importing internal CA to 600 / 1100 appliance, which was exported using Firefox browsersk100270   Unable to establish connectivity when configuring a Route Based VPN for Locally Managed 600_1100 sk100276   Route based VPN sends traffic across the tunnel in clear text for TCP trafficsk100278   C2S not connecting to updated IP when using DDNSsk100306   Some web sites are not blocked by URL Filtering on Locally Managed 600_1100 appliancesk100307   How to verify the version of Check Point MIB file on Security Gateway 80_600_1100 appliancessk100313   How to configure PPTP passthrough on 600_1100 appliancessk100316   VPN Tunnel status is 'Down' in Locally Managed 600_1100 appliances GUI although VPN tunnel is upsk100319   SNX temporarily unavailablesk100471   When trying to access a website behind a LocallyManaged 600_1100, user is redirected to Web GUIsk100501   How to configure Routemaps in Gaia Clish sk100509   How to use Windows 8.1 Check Point Mobile VPN plugin to connect to locally managed 1100/600 sk100519   Security Management Portal for Check Point 600 Appliancesk100520   Security Management Portal for Check Point 600 Appliance Known Limitationssk100565   1100 Appliance does not send logs to Security Management serversk100577   Traffic stops passing through a Site-to-site VPN tunnel with 600_1100 appliance sk100610   Error has occurred while applying the Firewall settings (error 00351)sk100613   Policy installation on 1100 appliance fails with message "Failed to generate the rulebase"sk100630   Empty Reports appear on locally managed Check Point 600 / 1100 Appliancesk100726   How to configure IPsec VPN tunnel between Check Point Security Gateway and Amazon Web Services VPC using static routessk100969   Time limits in a URL Filtering rule are not applied correctly on Locally Managed 600 appliancesk101047   How to manage Security Gateways using the "cprid_util" toolsk101052   Location of 'communities.def' files on Security Management Serversk101066   How to configure external WAP with inspection on 600_1100 appliancesk101110   SIP UDP VoIP doesn't work properly, incoming calls always redirected to same internal phonesk101131   Wrong routing decisions on Appliance 1100_600sk101187   In strict mode, Nodes behind 600_1100 are unable to access resources behind remote GW VPN tunnelsk101219  New VPN features in R77.20sk101307   600 / 1100 appliance hangs / freezes, fails to update software bladessk101460   How to configure Site to Site with overlapping encryption networkssk101433   BGP_Peer x.x.x.x not configured_error on CLI when trying to configure Internal BGP peer on 600_1100_SG80sk101466   Configure L2TP connection from Windows client to Locally Managed 600/700/1100/1400 appliance sk101469   Site to Site VPN fails when locally managed 600_1100 or Edge is Natted behind another machinesk101535   When trying to establish C2S VPN, connection gets stuck at 43% with error "Connection failed No response from gateway for 1st packet"sk101541   Mobile Access support for SHA-256 signed certificatessk101560   Check Point 600 Appliance cannot connect to the Cloud Centersk101568   VPN tunnel fails to recover between locally managed 600_1100 appliance on DAIP and centrally managed GWsk101587   MGCP traffic is NATed to port range of 10000sk101606   How to enable inspection of SMB/CIFS traffic by Anti-Virus blade or Threat Emulation bladesk101666   "Blocked on rule 0 Outgoing policy violation" security logs on Locally Managed 600 / 1100 / 1200R appliancesk101708   Anti-Virus and Threat Emulation blades miss inspectionsk101711   SNMPD crashes generating core files on 1180 appliancesk101828   Remote Access client connects successfully to Centrally Managed 600_1100_Security Gateway 80 appliance, but is not able to access any host behind the appliancesk101850   How to define Administrator's access to 600_1100 appliance from WAN in a secure manner sk101866   Visio Stencils for Check Point appliances sk101875   Policy installation fails with "Load on module failed - no memory" error  sk101911   IKE Phase 1 with DAIP device fails after IP address of DAIP device was changed sk102033   1100 Appliances managed by SmartProvisioning get wrong VPN certificatesk102046   Checking the box 'Turn on QoS Logging' is not saved in Centrally Managed 1100 / SG 80 object.sk102069   Remote Access VPN users are unable to access internal network resources through 600_1100 appliance via resource DNS namesk102087   Access Role containing a network object is not enforced on 1100 Gateway sk102126   When attempt to login to appliance WebUI, see following error: "Login attempt is denied because 'admin' user already logged in"sk102135   Traffic fails after rebooting Security Gateway with enabled Application Control bladesk102187   Endpoint Connect client connects to Locally Managed 600_1100 appliance, but disconnects after 20 seconds, if SecureXL is enabledsk102208   When remote access users connect to the local 600_1100 VPN server, one of the sides is unable to hear anythingsk102296   How to activate inspection on internal traffic on 600/700/1100/1200R/1400 appliancessk102367   How to hide port 443 on locally managed 600/1100sk102400   Unable to activate software blades in the object of Centrally Managed 600_1100 appliance sk102526   Policy installation onto 1100 appliance from SmartProvisioning fails with CPRID error #1 or CPRID error #2sk102559   Bridge mode 600_1100 URLF_APP traffic is not redirected correctly_Redirect action rule 1953 (outgoing)sk102567   ADLog command fails when adding network exclusion to ADQuery on 1100 Appliancesk102712   $FWDIR_conf_masters file on Security Gateway is overwritten during each policy installationsk102737   RouteD daemon might consume CPU at very high level on ClusterXL member running Gaia OS, when there are issues with cluster sync interfacessk102792   'Update' Status Bar is not visible on Check Point 600 Appliancesk102803   How to see users currently connected via Client-to-Site VPN on Locally Managed 600_1100_SG80 appliancesk102819   Policy installation on Centrally Managed 1100 appliance fails with 'Installation failed. Reason: IP = X.X.X.X is not available right now'sk102834   How to activate Locally managed 600/1100 appliance disconnected from Internetsk102836   L2TP VPN connection to Locally Managed 600 / 1100 / Security Gateway 80 appliance disconnects every 2 minutessk102947   Policy instal on Security Gateway 80_1100 appliance fails with_ERROR_target Name_of_Object is prohibited sk102989   Check Point response to the POODLE Bites vulnerability (CVE-2014-3566) sk103050   How to increase re-authentication time for remote access users on locally managed 1100 appliancesk103077   Memory consumption on Security Gateway constantly increasessk103095   How to generate an Activation File for Check Point 600 / 1100 Appliance sk103113   RTSP over HTTP traffic might cause high CPU load on Security Gateway when HTTP inspection on non standard ports is enabledsk103123   DHCP Relay packets sent from 1100 appliance are not encrypted after upgrading SMS to R77.20sk103206   IPS protections cannot be set to "prevent" on 600 Appliancesk103210   A certificate error pops-up when open a Microsoft Outlook 2007/2010 sk103215   1100 Appliance managed by Smart Provisioning/Smart LSM sends logs to internal IP of Security Management sk103222   Unable to edit WLAN settings for network and receive "An internal error has occurred" error message when trying to save sk103227   1100 appliance starts with 'Outgoing Policy' after every reboot sk103288   Policy install on 1100 appliance fails with 'Load on Module failed - failed to load Security Policy' after IPS updatesk103349   Cannot change centrally managed Check Point 1100 appliance Anti-Spoofing settingssk103350   QoS definitions are not shown in 1100 appliance WebUIsk103368   Internal URLs are not resolved from internal DNS server for Remote Access Clients for locally managed 600/1100sk103373   Configuring VPN Client to Site through Secondary interface  sk103413   Changes in custom_logserver_ip are not saved after reboot on 600 / 1100 sk103423   Access to web sites fails with multiple "Internal System Error" logs from Application Control / URLFsk103458   Error in system logs: [OS] /pfrm2.0/opt/fw1/bin/fw_db_handler was unable to handle DB update  sk103495   Active Directory Server fails with "no matches found" errorsk103497   600 / 1100 appliance fails to connect to Cloud Services Server with log "Web server error ... attempt to perform arithmetic on local 'hbInterval' (a nil value)"  sk103501   Policy Installation periodically fails with with error " Installation failed. Reason: Authentication error [ SIC error no. 147 ]" on 1400 and 1100 appliancessk103523   VPN traffic issues caused by devices with Dynamically Assigned IP (DAIP)sk103564   Tunnel test fail on cluster of 600 or 1100 with remote peersk103565   Permanent VPN Tunnel between 600 / 1100 appliance and CP Security Gateway is reported as 'Down' sk103679   Application Control policy on Check Point 600/1100 does not block posting & chatting on Facebook site sk103683   Check Point response to TLS 1.x padding vulnerabilitysk103839   Check Point update and online services migration to SHA-256 based certificatessk103876   How to manually delete an entry from the Connections Tablesk103918   Policy installation fails with the error "Operation failed, install/uninstall has been improperly terminated"sk103961   Replacing WebUI SSL certificate on Embedded GAIA Appliancesk103973   Unable to establish a VPN between Microsoft Azure and a 600 / 1100 / Security Gateway 80 Appliance sk104076   1100 Cluster assigns IP to interface2 even though they are disabled  sk104082   Unable to establish incoming SIP calls through Locally Managed 600 / 1100 appliance when using two separate external servers for SIP and RTP sk104083   Unable to select IKEv2 on 600 appliances with version R75.20.60 and above; but below R77.xx sk104095   RC4 cipher is allowed for Inbound HTTPS inspectionsk104111   1100 appliance does not support Primary IP for DHCPsk104250   Security Gateway might crash rarely when inspecting URLssk104464   Cannot create reports based on data from 1100 appliance on Security Gateway 80sk104560   Check Point response to Leap Second introduced in UTC on 30 June 2015sk104599   DHCP Relay functionality over VPN on 600 / 1100 appliance stops working after fail-over from ADSL to Cellular Modem (3G) sk104600   Policy installation on 1100 appliance fails when Application Control blade is enabledsk104618   'non sync(non secured)' status for Wireless network on 1100 devices clustersk104641   DHCP settings on VLAN interface are not enabled on 1100 Appliancesk104646   Unable to use "<" and ">" in Preshared Key for site to site VPN or L2TPsk104760   ATRG: VPN Coresk104783   "malloc failed: Cannot allocate memory" failure during policy installation on 1100 / Security Gateway 80 appliance running R75.20.X firmwaresk104799   Can NAT properties be configured via autoconf on 1100 appliance?sk104866   Gateway might crash when Threat Prevention "Fail Mode" is set to "Block all connections (Fail-close)"sk104880   IKE negotiation fails between Security Gateway and DAIP non-Centrally Managed Gatewaysk104999   Migration from Edge device to Check Point 600 / 700 / 1100 / 1200R / 1400 appliance  sk105008   Wireless clients are not able to connect to Virtual Access Point (VAP) on Locally Managed 600 / 1100 sk105073   Application & URLs blank window on 600 / Locally Managed 1100 appliance with error message: 'page 'app.appi' is missing. Exception:'cache' is undefined'sk105217   "Commit function failed" error on policy installation failure on 1100 or Series 80 appliancesk105281   Configure Domain Name for DHCP options on 600 and 1100 appliancessk105321   Traffic to HTTPS websites is dropped on "Unknown Traffic" category, if the certificate length sent from web server exceeds the limit   sk105387   Policy installation on Centrally Managed 1100 appliance fails with SecureXL warnings  sk105459   Synchronization problem on R75.20 HFA 30 600 appliances cluster sk105487   /var/log/messages file and output of 'show time' command show different time stamps on 600 / 1100 sk105496   SmartUpdate fails to upgrade with error on 600/1100 appliances sk105500   Stability issues on 600/1100 Appliance with Wi-Fi on automatic 20-40 MHz channel sk105518   Bridge configuration from a USB using autoconf.clish instead of using First Time Configuration Wizard sk105537   Security Management Portal R12 for Check Point 600 / 1100 / 1200R Appliances sk105726   When trying to change interface's type via CLI to part of a bridge interface, there is no "bridge" option sk105736   Policy installation on 11000 appliance fails with "SIC General Failure [ SIC error no. 148 ]sk105738   Check Point 1200R Appliancesk105741   Security Blades automatically turning off after being turning onsk105838   "No License to Manage QoS UTM-1 Sites" error in SmartDashboard when installing policy on 1100 object after enabling QoS blade in 1100 objectsk105841   VPND daemon crashes every ~30 minutes on Security Gateway due to memory leaksk105842   Security Gateway in Monitor Mode with enabled SecureXL might freeze intermittently sk105888   License is expired on Check Point 600 / 1100 Appliance gateway  sk105891   Pantech UML290 LTE Cellular USB modem is not recognized on Check Point 600 / 1100 appliances  sk105892   How to add an exception for a specific web site in the URL filtering of CP 600/1100 appliance sk105897   Fail to establish VPN between Cisco ASA and Check Point 600 / 1100 appliance sk105946   Modem support on Check Point 1100 Appliancessk105949   "IP address was not set yet for the Security Gateway" error when installing policy on Centrally Managed 1100 appliance with Dynamic IP Address (DAIP)sk105977   There is no option to add specific Active Directory users inside policy rules, when using Identity Awareness blade on 600 appliancessk105981   PBX and SIP phones are unable to register on Locally Managed 600 / 1100 / 1200R appliancesk105983   Debugging VOIP on 600sk106025   How to reset Expert password on Locally Managed Check Point 600 / 1100 Appliance sk106027   Email subject is deleted when a spam email is detected on Check Point 600 / Locally managed 1100 sk106125   Captive Portal redirection fails in Google Chromesk106195   How to change WEBUI port on 600 / 1100 / Security Gateway 80 appliances using CLIsk106198   Routing table does not refer to Metric value on Check Point 600 / 1100 appliancesk106234   Anti-Spam blade on 600 / 1100 appliance blocks e-mails only by entire domain and not by specific e-mail sk106244   UserCheck page of URL filtering does not appear while configuring bridge between WAN and LANsk106245   Anti-Spam blade on 600 / 1100 appliance does not flag spam e-mailssk106287   Download of Backup file in Gaia Portal of SMB appliance failssk106290   Security Management Portal R12 for Check Point 600 / 1100 / 1200R Appliances Known Limitations sk106330   URL Filtering does not block sites on 1100 appliancesk106348   Working with VLANs on 600 / 700/1100 / 1200R appliances and Edge / Safe@Office devicessk106367   Policy installation fails on 1100 / 1200R appliance when using Threat Prevention installed on cluster sk106403   IPS protections not available on 600 / 1100 appliances' "Exceptions" listsk106429   Security Logs location on Check Point 600 / 700 / 1100 /1400 appliancesk106473   "Bad Firmware Magic Number" error in system logsk106478   Check Point response to CVE-2015-2808 (Bar Mitzvah)sk106580   Incoming connections to a server NATed behind the Locally Managed 600 / 1100 appliance are rejectedsk106581   ClusterXL VMAC address cannot be configured in Dashboard on Centrally managed 1100/1200R sk106596   How to export configuration from Locally Managed 1100 Appliance + import it in Locally Managed 600 sk106670   Incorrect MAC address is displayed in WebUI on 600 / 1100 appliance after restoring from a backup file sk106694   1100 / 600 appliance cannot update IPS / Application Intelligence / Anti-Virus blade sk106740   DHCP Server on 600 / 1100 appliance does not lease new IP Addresses to a specific networksk106836   How to configure SSH authentication using RSA key files on Security Gateway 80 / 600 / 1100 / 1200Rsk106844   df command shows wrong used space percentage sk106864   Configure L2TP connection from Mac OS client to Locally Managed 600 / 1100 / 1200R appliancesk106873   Locally managed 600/1100 cannot clear Infected Hosts from Infected Hosts table sk106893   Unable to access 1100 appliance using Webui or SSH after installing the policy  sk106953   The requested URL revokepage was not found on this server Application Control Tracker log Usercheck error sk106954   Blade updates fail when IPS set to "strict" mode on locally managed 600 appliancesk106965   Identity Sharing does not work with SMB appliance running version R77.20.75 or belowsk107032   "show asset memory" command shows less RAM than is actually installedsk107038   Cannot configure DHCP option 43 on Check Point R77.20 for 600 Appliancesk107075   New gateways cannot register to SMPsk107097   Configuring DHCP relay through Site-to-Site VPN on GAIA embedded Appliancessk107132   Check Point Mobile Access support for Windows 10 sk107160   Application Control and URL Filtering logic of predefined blocked categories on Locally Managed 600 / 1100 / Series 80 appliancesk107164   How to configure SmartProvisioning on 1100 appliance sk107166   TLS1.2 Support Plan for Check Point Products sk107184   Security Gateway might crash in some scenarios when inspecting H.323 trafficsk107261   Certificate for Remote Access VPN on locally managed SMB Appliance   sk107262   Policy installation in "Pending" status after upgrade to R77.20   sk107263   1100/600 appliance reverts back to R75.20 after upgrade to R77.20 sk107280   License file does not match the appliance sk107283   Getting "Web server error" when trying to reset SIC on 1100 appliance sk107374   Application & URL Filtering reports are empty in Locally managed 600 / 1100 Appliance R75.20.70sk107393   Creating a custom DHCP option on a Gaia Embedded appliance fails with an errorsk107499   Location of 'gtp.def' files on Security Management Serversk107512   "FATAL: Web server error" when trying to apply an outgoing rule to block YouTube on Locally Managed 600 / 1100 appliancesk107515   The machine hangs on boot with "No response from 'pm' after a few seconds, it may have problems. [FAILED]" error on consolesk107555   Difference in reports information from local WebUI and Security Management Portal on 600/1100/1200Rsk107558   How to change administrator password to a clear-text password or a password hashsk107592   How perform a fresh/clean install of firmware on 600/700/1100/1400 appliance via USBsk107602   "An error has occurred while reading groups from the Active Directory" message on 600/1100/1200R sk107641   Configure "Route All Traffic" from locally managed SG80/600/700/1100/1400 appliance to a centrally managed gatewaysk107735   VPN Tunnel status changes to DOWN/UP randomly on 1100 gateway(deleted - sk107762   Policy installation on Check Point SMB appliances fails with "Load on Module failed - not enough disc space" error)sk107832   Check Point 600 / 1100 appliance stops appending security logs sk107856   Unable to select Provisioning Profile for 1100s created via LSMcli sk107980   Microsoft Lync fails to sign in after upgrading 600 / 1100 /SG 80 appliance from R75.20 to R77.20 sk108095   Serial console connection configuration for Check Point appliancessk108153   Local IP address is used in Hide NAT on cluster environment instead of VIPsk108156   600 Appliance cannot fetch groups from AD servers when one of them has special charactersk108172   Malformed PXE string in DHCP packets on 1100/600 appliancessk108199   Internal host can not surf the Internet when MTU of the WAN port was changed to a value less than 1400sk108202   Best Practices - HTTPS Inspection  sk108274   "NAT Error 00358" after upgrade to R75.20.70 sk108275   How to configure VoIP SIP when PBX is located in LAN of Locally Managed 600 / 1100 / 1200R sk108276   How to implement R77.20.x firmware on 1200R appliance using Disk-On-Keysk108277   Security blades update is stuck on "Update pending" when using "autoconfig.clish" procedure on R77.20sk108286   When 600 appliance connects to Cloud Portal, WebUI is stuck on "Connecting..."sk108289   Policy installation fails on 1100 appliancesk108356   Cannot establish VPN tunnel to an 1200R appliance with a PPPoE Internet connectionsk108372   Site-to-Site between Safe@Offices remotely managed by Legacy SMP 8.1 and remotely managed by SMP R12 600/1200R appliances sk108416   The Compliance blade does not recognize 'Gaia OS' Best Practices / remediations for 1100, 1200R, 1400 and 61000 appliancessk108437   How to configure External Security Log Server on Centrally Managed 600 / 1100 / 1200R appliancesk108453   Remote Access VPN users cannot pass RADIUS authentication, when RADIUS Server and Active Directory Server configured on the same machinesk108495   Although secondary interface receives inbound traffic to internal server, replies go through primary ifsk108515   Pings larger than 1000 bytes do not pass through SMB appliance / are not answered by SMB appliancesk108516   VPN tunnel fails with "IKE: Main Mode I have no certificate to use for IKE" error message after upgrading centrally managed Check Point 1100 appliance to R77.20sk108519   "show diag" command does not display 1200R Appliance Temperaturesk108580   "initializing modem" message is stuck on Web Consolesk108592   Exception does not work correctly, or appliance freezes completely when new IPS exception configured on SmartDashboard, and new policy version installed on 1100 Appliance  sk108598   "Wireless" WebUI attributes are missing after upgrade on 1100 centrally managed appliancesk108600    VPN Site-to-Site with 3rd partysk108617   Location of 'fwrl.conf' files on Security Management Serversk108624   Check Point R80 Known Limitationssk108625   Compliance blade shows wrong statuses for 'Firewall' Best Practices in 1100, 1200R, 1400 and 61000 sk108627   Multiple PPTP connections fails to connect after upgrade of Check Point appliance to R77.20.10sk108653   Security Gateway with enabled HTTPS Inspection crashes repeatedlysk108654   How to control support for SSLv2 handshake in HTTPS Inspectionsk108656   "/pfrm2.0/bin/sys_diag.sh ... temp1_input: No such file or directory" error when running "show diag" command on 1200R appliancesk108707   600 / 1100 appliance does not send logs to Security Management / Log server. sk108708   Security Reports are empty on Check Point 1200R appliancesk108755   How to replace Self Signed Certificate from SHA-1 to SHA-512 on Embedded GAIA sk108774   Enabling USB watchdog on 1100 Appliancessk108780   Status "Modem not detected" for Netgear AirCard 340U USB Modem in 600 / 1100 appliance's WebUIsk108815   Basic VoIP debugging when phones located behind firewall and PBX is external  sk108818   Security Gateway with enabled SecureXL might crash when processing a packet with Multicast Source IPsk108819   How to view all configurable commands on 600 / 1100 / 1200R appliance sk108841   Traffic Monitor does not show real data sk108849   PIM dynamic routing protocol does not work on Check Point 1200R appliance sk108860   VPN tunnel between Check Point Security Gateway and Centrally Managed Check Point 1100/1200R appliances may failsk108932   Inbound emails with PDF attachments that undergo Anti-Spam inspection arrive corrupted at destination  sk108959   How to disable the First Time Configuration Wizard on 1100 appliancesk108963   How to save local backup of 1100 Appliance to USBsk108996   "A security violation error: password: Value in field is forbidden" in System Logs when 600 / 1100 / 1200R appliance connects to SMPsk109048   How to create Site-to-Site VPN between 2 locally managed DAIP 1100/600 Appliancessk109074   Cloud Managed 600/1100 Appliance WebUI login page displays wrong MAC address sk109094   How to reach an internal network behind a Site-To-Site VPN tunnel, when connected with Remote Access to locally managed Check Point 600 / 1100 / 1200R appliances sk109103   Hosts intermittently disconnecting from wireless network on 1100 and 600 Appliancessk109139   How to configure Site-to-Site VPN between Locally Managed 600/700/1100/1200R/1400 appliance and Centrally Managed Security Gateway using certificatessk109148   List of allowed ASCII characters for passwords on Gaia OSsk109218   Configuration Error when creating network object on clish on 1100 and 1200R appliancesk109237   Site to Site VPN between 600 appliance and Safe@Office appliance fails due to 'Payload Malformed'sk109272   "Illegal characters in application-group name" when adding URL Filtering Category via CLIsk109312   Upgrade of 1100 appliance reverts back to original version after rebootsk109341   "Site is not responding" message in Remote Access client GUI when connecting to Locally Managed 600/1100/1200R appliancesk109344   Unable to establish L2TP connection to HA cluster of locally managed 600/1100/1200R appliancesk109370   SecuRemote will not connect to 600 / 1100 / 1200R appliance without additional clear text rulesk109394   "Failed to retrieve Logs" error when accessing Security Logs  (fw1_dep_R77_990171526_20)sk109398   "connections refused" error when connecting with SSL VPN to 600/1100 clustersk109403   "Value already exists" error is displayed when editing SIP_UDP or SIP_TCP servicessk109438   Files are emulated even though their MD5 is added as_Exception_to Threat Prevention policysk109465   Internet Interface PPPoE Dialer freezes appliances sk109468   Connections are broken for short time after disabling SecureXL, or after installing a policysk109473   Not possible to establish Site-to-Site VPN tunnel with LSV peer, which is a DAIP device sk109496   'License operation failed. License may not match device.' error when activating the 600 / 1100 appliance sk109556   Traffic drop on locally managed 1100 appliance with log on kernel debug: "Invalid IP option on packet"sk109582   High CPU on Security Gateway during Anti-Virus scan of large files transferred over CIFS/SMB2sk109709   Port scan shows ports as 'closed' on Check Point 600/1100 locally managed appliancessk109743   Upgrade to R77.30 causes issues with WAN accelerator using TCP Multipath option in TCP Headersk109853   Tunnels initiated with DAIP gateways cannot be re-established if the tunnel is resetsk109954   "Link speed" cannot be selected from clish on 1100 devices sk110024   1100 device does not send heart beats to Management server behind NATsk110053   Check Point response to CVE-2015-7547 and CVE-2015-5229sk110054   Location of 'dhcp.def' files on Security Management Server sk110265   Error when select new firmware on SmartProvisioning to upgrade SMB appliances sk110270   UserCheck does not appear for blocked HTTPS web sites on locally managed 600 / 700 / 1100 / 1200R sk110271 Status of NTP CVEssk110339   Output from console cable is unreadable  sk110364   'First to connect' option does not work when adding second 1100 appliancesk110513   Cannot select 1200R Firmware image in SmartProvisioning  sk110533   When creating VPN site using Endpoint Security VPN client, a pop-up message shown indicating that site security certificate is not trustedsk110534   Certificate authentication for Remote Access works only with an external CA on SMB locally managed appliances sk110536   SMB device statuses are flapping in SmartProvisioning GUI sk110617   Huawei K5150 4G USB modem does not connect to 4G when used with CP 600 / 1100 / 1200R / 700 sk110627   "CA certificate for this certificate not found" error when trying to add 3rd party certificate on Locally Managed 1100 appliancesk110677   How to perform Scheduled Backup on SMB Appliancessk110732   600/700/1100 appliance RC4 cipher allowed for HTTPSsk110736   Apps & URL Filtering blade blocks HTTPS applications, by category with no option to allow themsk110749   Application Control does not work on Locally Managed 600/700/1100/1200R appliance sk110789   CPRID Fatal error on the peer gateway when pushing policy from SmartProvisioning GUI  sk110790   Cannot see Top potentially high-risk applications by sessions in Security report with 600/700 Appliance sk110793   "Kernel failed to load the signatures (on instance 0)" error on Anti-Virus update failuresk110794   CP600 R77.20.11 WiFi slowness and disconnections sk110795   600 Appliance crashes when the Identity Awareness Blade is enabledsk110796   First deployment of SMB appliance using autoconf.clish file in USB drivesk110797   Blade update does not work when "Route traffic through this connection by default" is unchecked sk110833   Cannot disable "Route all traffic through this connection" option for PPPoE connectionsk110834   AV unable to identify viruses based on the MD5 database in POP3sk110857   SFWD and fw_worker consuming high CPU on 1100 appliance sk110872   Core is generated when using HTTPS categorization for a specific .gov sitesk110883   Specific HTTPS sites that use ECDHE ciphers are not accessible when HTTPS Inspection is enabledsk110934   Configuring Ethernet Over Internet Protocol (EOIP) on SMB Appliance sk110935   Software Blades Update Out Of The Scheduled Time on a 600 / 700 Appliance  sk110938   PPPoE Tunnels Abort RouteD Daemon When Sharing The Same Peer Gateway on 600/1100  sk110995   No License to Manage QoS UTM-1 Sites installing QoS express policy to 11xx, 1200R, 14xx appliances sk111001   1100 firmware upgrade clears custom contents of /pfrm2.0/bin/    sk111059   Hosts do not appear on active computers in 600 / 700 appliances' logs   sk111073   Application Control updates fail for SMB appliances 1100 / 1200R / 1400 that are Centrally Managed by R80 Security Management Server  sk111076   "Automatic Firmware Upgrade" on/off button is not available on700 appliancesk111110   Policy installation fails on R77.20 1100 devices with "Load on module failed - not enough disc space" sk111139   Admin access (WebUI+SSH) fails when connecting via Windows 8/8.1 Remote Access to 700 appliance  sk111176   "Web Server Error" error when trying to block "TOR" application on SMB locally managed appliances  sk111292   Missing Appliance type in SmartConsole Platform Hardware Type list  sk111295   The Gateway Platform list does not contain 1400 SMB appliances in the R77.30 SmartDashboard sk111312   Identity Agent support for Small Office Appliances sk111332   Upgrade of 1100 appliance from R75.20 to R77.20 failssk111334   600 / 1100 / 1200R configuration import to 700 / 1400 appliancessk111401   How to configure a Hotspot with Radius authentication on locally managed SMB appliancessk111407   Jumbo Frames Support sk111532   SIP Keep-Alive Messages on locally managed SMB Appliancessk111586   Is SD Card supported on SMB Appliances? sk111596   SmartProvisioning profile change generates duplicated IP ranges sk111613   Policy installation fails when installing QoS policy on 1100 appliance from Windows Server   sk111626   ATRG: SmartProvisioning  sk111629   WebUI of Locally Managed SMB appliance shows only "Device" tab on Standby cluster membersk111713   When using Mini-USB as a console connector on 700 and 1400 appliances, Windows does not automatically detect and download the driver needed for serial communication  sk111732   DDNS function does not work on a locally managed 700 appliance after an upgrade to R77.20.20 sk111733   How to configure Site-to-Site VPN between Amazon Web Services and locally managed 600/700 SMB sk111751   Site to Site VPN between centrally managed gateway and SMB appliance fails with "Invalid Certificate"  sk111756   There is no inspection between hosts in the same Internal Network on SMB appliancessk111757   When viewing a report in 600 / 700 appliances amount of traffic in 'Weekly' is greater than 'Monthly'sk111759   UDP Traffic on 600 / 700 appliances is dropped due to "Violated Unidirectional Connection"sk111813   Cannot assign an IP to ADSL interface on 1100 appliance sk111818   How to make kernel parameters survive reboot on SMB appliancessk111836   Scheduled backups enforced from SMP plan do not work  sk111839   VPN Central Gateway drops SIP RTP traffic between the SIP Call Manager and the phone behind VPN Satellite Gateway, where the SIP call was initiatedsk111840   VTI creation on SMB Appliance fails with "IP address is in the subnet of an existing network" errorsk111844   The 'clish' command does not work on SMB appliancessk111852   Failed to change 'Reset to factory defaults timeout' value on 600 appliance sk111854   1100 ClusterXL does not fail-back to Primary membersk111883   Cannot assign a larger than 8 characters password to VPN users on a locally managed SMB appliancesk111888   Cluster member might crash processing a NAT connection if SecureXL is not enabled on all memberssk111912   How to terminate Remote Access VPN connection on a locally managed SMB appliancesk111935   Site-to-Site VPN with SMB appliance fails after the Internet link is disconnected and reconnected  sk111943   POP3 mails are not being pushed when Anti-Spam blade is enabled on 600 appliance running R77.20.21 sk111961   Cannot configure DHCP reservation on server objects through the local WebUIsk111997   How to Troubleshoot SmartProvisioning Script for SMB appliancessk112001   Passive mode FTP connection failssk112053   Cannot create a VTI interface on a Locally managed 1100 appliancesk112063   Web server error Value in field is forbiddensk112098   Some BGP routes get deleted when a WAN disconnection is detected on 1100 appliances sk112166   "fwtmp" folder is filling up, causing crashes on SMB appliances sk112188   Traffic drop on Endpoint Security Clients connected to 1100 Security Appliance  sk112213   How to configure Certificate based Site to Site VPN between two locally managed SMB Appliancessk112217   How to deploy Centrally Managed Check Point 1100 appliance - video tutorialsk112241   Best Practices - DDoS attacks on Check Point Security Gatewaysk112274   VAP connectivity unstablesk112314   SNX client support for AES-256 encryption when connecting to Security Gatewaysk112343   Administrator Role in Check Point SMB Appliances sk112356   Traffic does not pass through Realtek NICs on Siemens RUGGEDCOM RX1400 / RX1500 Platform sk112373   Throughput in Network Activity does not change on SMB appliances sk112379   "Intrusion Prevention (IPS)" blade on Centrally Managed 1100 appliance is always shown as "ON" when installing policy in R80 SmartConsolesk112437   Cannot initiate VPN traffic to encryption domain behind LSM gatewaysk112465   Cannot add custom-server with UDP protocol from command linesk112536   Remote Access VPN connects but does not pass traffic to SMB appliance  sk112572   Monitor Mode on SMB appliances running Gaia Embedded OS sk112574   Unable to change the VPN re-authentication timeout for Mobile VPN / Capsule Connect / Capsule VPN client on Locally Managed SMB appliance  sk112634   "Can not delete this object because it is in use" message when trying to delete service on SMB appliance  sk112727   'Route All Traffic Through This Site' with 3rd Party Gatewayssk112735   Static routes using an internet connection other than the primary one will not be effectivesk112736   Check Point response to Leap Second introduced in UTC on 31 December 2016  sk112758   How to configure FTP server on 600/700 appliance to use FTP port w/o forwarding Passive Mode ports  sk112831   SFWD process consumes CPU at high level on Centrally Managed SMB appliances in cluster modesk112873   1100 VPN down with error: INVALID-EXCHANGE-TYPE sk112893   Eicar test file is recognized as 2 different Anti-Virus malwares on 600/700 appliancesk112898   IPS Performance on 1450 appliancesk112954   Some HTTPS sites do not load when HTTPS Inspection is enabled, if TLS 1.2 with ECDHE cipher is usedsk113013   Cluster does not synchronize Rules and Objects after the Certificate re-initialization on locally managed SMB 600/700 appliances sk113025   S2S VPN HA between two 700 appliances does not perform VPN failover on PPPoE Connection sk113026   Installing Database (user database) fails for 1100 appliance sk113028   Only some IPS records show rule numbers in Security Logs  sk113029   Configuration of NAT rule via CLI on Check Point 600 / 700 appliances fails  sk113039   SMB ClusterXL and VPN HA do not work upon Cluster-failover sk113090   Collect endless SFWD logs in GAIA embedded appliances sk113091   User redirected to captive portal during 1st logon of the day on SMB appliancessk113093   Identity Sharing Not Working For 1120 Device sk113113   Security Management Servers and supported managed Security Gateways sk113116   Enforce safe browsing on search engines sk113122   Cannot reach the encryption domain while connected with L2TP on SMB appliance  sk113161   Top command shows more than 100% CPU utilization for a processsk113234   Access rules for AD groups are applied on all hosts behind SMB appliances Security Gatewayssk113237   Kerberos Single sign on does not work for Captive portal on 1400 SMB appliance  sk113246   Wake On LAN (WOL) does not work between different subnets on SMB appliancessk113247   Maximum number of VLAN and VAPs for Gaia Embedded Appliancessk113248   How to clear 3D reports on 600/1100 700/1400 locally managed appliancessk113252   Secondary SMB cluster member configuration failssk113254   When connecting to 1100/1400 appliances, Capsule VPN/Capsule Connect unable to reach resources in encryption domainsk113360   "Couldn't retrieve blades information" manual activation errorsk113395   How to run the First Time Configuration Wizard through CLI in Gaia Embedded OS sk113397   Cannot resolve MEP Gateway error presented in the Smart Viewtracker logs from 1100 gateway, once the external link is recovered sk113502   Policy installation and SIC test fail on SMB appliancesk113516   How to make core files get generated with PID and module name on SMB appliancessk113537   On SMB appliances, L2TP client can access an internal or Internet resources, but not Both sk113554   How to reset the existing expert password on SMB devicesk113563   PPPoE connection fails to come up after disconnection on 600/1100 appliancessk113573   How to configure VoIP on Locally Managed 600 / 700 / 1100 / 1200R / 1400 / 900 appliances sk113652   Port Scanning shows incorrect FW open ports 600 / 700 /1200R/1400 SMB appliancessk113692   "Authentication failed (server error)" on accessing the appliance WebUI after entering correct credentialssk113693   Remote Access VPN to an appliance behind a NAT device fails when IPSec is usedsk113712   Terminal Server support for 'User Awareness' blade on SMB locally managed appliancessk113713   Back connection to Remote Access clients connected to Locally Managed SMB devicesk113739   Cannot create custom OID on Check Point 600 / 700 / 1100 / 1200R / 1400 SMB Appliances sk113741   How to set a new Expert password on SMB appliances (600/700/1100/1200R/1400)sk113812   VPN_Tunnel_State OID does not show information within MIB browser and SNMP on SMB appliancessk113832   Identity Awareness debugging not working properly on appliances running on the Gaia Embedded OSsk114016    Cannot assign Alias IP address on Internet-connection of Locally managed SMB appliancesk114017    Unable to Assign multiple Static IP addresess on the same internet interface on 600/1100/1200R/700/1400 appliancessk114018   Unable to connect to Skype Application using port 5061 (pre-defined TCP service)sk114033   How to Change the Web UI Session Timeout on SMB Appliance 600/700/1100/1200R/1400 sk114217   Bond / Link aggregated interfaces on SMB appliances  sk114394   Application Control does not block Facebook App it is still accessible on locally managed SMB Appliances sk114414   Broadcasted Wifi SSID randomly disappears on 600/700/1100/1400 appliancessk114437   "Error has occurred while applying the Network Objects settings (error 00362)" is displayed in the System Notification pop-up after re-initializing certificatessk114473   How to show the ADSL sync speed on SMB appliancessk114492   Failed to connect with L2TP to second Internet interface in locally managed SMB Appliances sk114531   Configuring Proxy ARP for Manual Static NAT on locally managed SMB appliancessk114596   Multicast traffic not forwarded over bridged interfaces on SMB appliancessk114638   "Invalid format for domain or email" error in Gaia Portal of SMB appliance when adding a Top-Level Domain to the Anti-Spam Block Listsk114652   Configuration of VPN High Availability (HA) towards two gateways on locally managed SMB appliance sk114658   LAN interfaces pass traffic during boot on 730/750/1430/1450 appliances sk114675   Cannot access 700 /1400 SMB appliance via WebUI or SSH with "MSS clamping" enabled  sk114735   SmartProvisioning Configuration script does not work for 1180 SMB appliance  sk114754   Manually configured local encryption domain blocks traffic to locally managed SMB appliancesk114755   SmartProvisioning LSM gateways cannot establish IKEv2 VPN tunnel sk114765   No traffic shown in "tcpdump" and "fw monitor" between hosts connected to different physical ports that are part of local switch interface of 60/700/1100/1400 appliancesk114806   ATRG: Threat Emulationsk114859   SMBv2 and SMBv3 not logging accessed shares when configured in CIFS Resource objectsk114973    Migration from UTM-1 Edge / SMB Appliances to maintrain Appliances failssk114981   ntpq command is not working in Gaia Embedded OS sk114994   Anti-Spam does not block POP3 emails from "Block List" by Sender IP on locally managed SMB appliances sk115108   QoS rules do not apply when the internet connection(s) uses a VLAN ID on SMB appliances sk115225   Restoring backup from one 1100 appliance to another is failing and causing a revert to factory defaultsk115229   Locally Managed SMB appliances not showing all Application Control's applicationssk115251   License is showing as "No Service" on an SMB Appliance sk115356   Location of 'traps.h' files on Security Management Server sk115412   Internet settings changes in SMB cluster are overridden/lost after a fail-oversk115413   Manually configured S2S certificate based VPN between two SMB appliances fails when both are connected to cloud SMPsk115414   VPN traffic doesn't pass between S2S SMB Cluster-To-3rd party peers when SecureXL is onsk115415   VPN and normal traffic is blocked on "Rulebase drop - (Unknown)" for locally managed SMB appliancessk115417   How to enable hosts behind a SMB appliance to resolve domain names defined in remote site AD/DCsk115432   Anti-Virus blade identifies Microsoft Office extension files (xlsx,docx,pptx) as zip files and treats them according to its policysk115433   On SMB appliances, Anti-Virus blade scans all files [incoming and outgoing] for FTP protocol regardless of the 'Protected scope' directionsk115434   How to change the SSH Keep-Alive Timeout on 600 / 1100 / 1200R SMB Appliancessk115435   VPN Site-to-Site going through a locally managed SMB appliance is not establishedsk115476   How to access an internal routed network (LAN behind LAN) via Client to Site VPN on SMB appliance sk115479   Locally Managed Cluster Gateways cannot be managed by SMPsk115543   When attempting to access SMP R12.11 an Error is displayed: "General Error, Failed to start SMP, Index: 0, Size: 0" sk115552   SMB appliances are unable to fetch SMP Root CA and External CAs once connected to the SMP sk115612   No ping to AWS encryption domain, although VPN between locally managed SMB device and AWS is establishedsk115636   No data in Reports while using SHA-384 authentication method on VPN configuration of SMB appliancesk115646   SMP does not send weekly reports for SMB appliance connected to itsk115718   How to ground a SMB Appliance sk115722   Monitoring blade is grayed out on 1100 SMB appliance object sk115775   How to change the default VPN remote access cryptography protocol in SMB appliancessk115854   "Cannot establish connection to SSL Network Extender gateway. Try to reconnect" message when trying to connect via SNX after firmware was upgraded to R77.20.51 (or above)sk115868   VPN Link Selection does not work if SMB device has two Internet connections with same default GWsk115874   "Management rejected fetch for this module - version matching problem" error when installing policy on 1400 SMB appliancesk115935   Emails with large attachments fail to arrive when MS Exchange is configured behind SMB appliance and Anti-spam is turned onsk115952   SMB appliance license cannot be activated after a replacement of the RMA unitsk115992   What are the MTBF values for Check Point Appliances?  sk115993   Anti-Virus POP3 hits seen in security logs are not displayed in the security reports of locally managed SMB appliances sk115999   Security Management Portal (SMP) may sometimes show SMB gateway as disconnected (most easily seen by the icons on the map) although the gateway is connectedsk116019   Hosts behind LAN switches other than LAN1 switch are unable to fetch emails using POP3 on locally managed SMB appliancessk116115   SMB appliances content based Anti-Spam does not support BDAT traffic (ESMTP/chunking)sk116135   "Invalid Input - Cannot change Switch Pivot" error on SMB Appliances when trying to change a switch portsk116256   When SMB appliance is in monitor mode, there is a mismatch in the report for the main and monitor SMB appliance. sk116338   How to configure User Awareness to see Specific Active Directory Organization Unit on SMB appliance  sk116342   "Couldn't retrieve blades information" error when importing activation file for SMB appliance  sk116359   "bad interpreter: No such file or directory" error when running script on SMB appliance   sk116362   "Error has occurred while compiling signatures (error 00365)" error on blade update failure  sk116365   "unlink: command not found" error when removing symbolic link on SMB device  sk116375   Zero Touch Provisioning for SMB appliances sk116454   Reports show a future time after a manual upgrade of an SMB appliance to R77.20.51sk116459   Traffic to RADIUS server from SMB appliance on Site to Site VPN, coming with source IP of WAN IF sk116465   Licensing on SMB appliancessk116576   How to establish Client-to-Site VPN from Linux machine to locally managed SMB aplliancesk116602   Cannot configure specific interface or direction in QoS rule for centrally managed SMB appliancesk116729   Warning messages for QOS policy installation on SMB appliances  sk116861   Policy installation fails with "SIC General Failure [ SIC error no. 148 ]" errorsk116981   SMB appliance scheduled firmware upgrade not startingsk117032   Viewing Gateway search results in SMP returns nothing sk117033   Duplicate plan names are shown in SMP sk117034   'Log Server - no connection. Please contact your administrator' is shown on SMP log page sk117113   SandBlast Zero-day Protection Threat Emulation in 1200R/1400 SMB appliances managed by R77.30 Security Management / Multi-Domain Management  sk117217   NetFlow 'InputInt' and 'OutputInt' parameters show interfaces of index 0 on SMB appliances  sk117218   Check Point response to Intel Elevation of Privilege vulnerability in Intel Active Management Technology (AMT), Intel Small Business Technology (SBT), and Intel Standard Manageability (ISM) sk117236   "cphaprob -l list" command shows that Device "routed_watchdog" reports its state as "problem" on Gaia Embedded cluster member sk117473   SMB gateway managed via SmartProvisioning cannot fetch policy after major upgrade sk117474   How to troubleshoot upgrades of SMB device over SmartProvisioningsk117545   MAC addresses of 1100 appliances are not shown in SmartProvisioningsk117579   User Awareness DC server synchronization period on SMB device cannot be changed  sk117582   Trusted links stop working for several minutes after policy installation  sk117592   Is Link Aggregation supported on Gaia Embedded Appliances?   sk117593   Unable to create a Captive Portal exception rule/list on locally managed SMB appliancessk117713   "Main Mode local machine configured not to respond to unknown IP addresses" error on locally managed SMB appliancesk117714   Audio in H323 call works only in one way through Site-to-Site VPN if call started behind centrally managed 1100/1200R/1400 appliance sk117793   Policy installation / fetch fails on Centrally Managed 1400 appliancesk117832   How to open "Kerberos" protocol between two local networks of locally managed appliance, when Firewall on a "Strict" modesk117912   Traffic counter cannot be reset back to "zero" on locally managed SMB appliance sk118035   Managing Firewall Access Policy from the Security Management Portal R12.30sk118083   sms daemon does not start on startupsk118280   Threat Emulation emulates URLs that end with ".com", as "*.com" filessk118293   Reports show incorrect bandwidth usage on locally managed SMB appliancesk118539   How to disable and remove Kaspersky Labs components from Check Point Security Gatewaysk118552   Cannot add an Interface with a USB analog modem through CLI on SMB appliancesk118796   Remote Access client connected to SMB appliance cannot reach internal network via Remote Access when Secure Configuration Verification (SCV) enabled   sk118816   IPv6 support for 700 / 1200R / 1400 SMB Appliances  sk119152   Interfaces table is empty in Centrally managed 1400 appliances cluster sk119412   Threat Emulation blade shows "No Service" in SMB locally managed appliances when having an EBP contract type sk119415   How to force originating VPN connections from local gateway to use an internal interface IP instead of the external IP WAN/DMZ in SMB locally managed appliancessk119473   Cannot create a network object with multicast network address on SMB appliances sk119474   VPN tunnels are interrupted when adding/removing gateway members to the relevant SMP VPN community sk119633   How to remotely reset Admin / Expert password on Centrally Managed 1100 / 12000R / 1400 appliance from a Security Management Serversk119832 SmartDashboard does not get the topology of VTI interfaces from cluster members running on Gaia Embedded OSsk119892   Tunnel is up and ICMP packets are sent encrypted but no response receivedsk120136   "The device is in Maintenance mode" and "Get Remote OS - SIC authentication Failure" for 1100 / 1200R / 1400 appliance managed by SmartProvisioning sk120139   Locally managed SMB Appliance does not initiate VPN tunnelsk120233   Cannot change the SSH port on SMB appliance using "Run Script" from SmartProvisioningsk120264   Clustering 1400 appliances with MAC overrides causes matching MAC addresses on both memberssk120297   How to remove DHCP Leases from SMB Gaia Embedded appliances sk120332    How and what information is shared with Check Point PROsk120344   WebUI gets stuck when adding new VPN site on locally managed SMB appliancessk120463   "IKE: Main mode cannot complete certificate chain" error with vSMP gatewayssk120512   Upgrade and Downgrade path for 600/700/1100/1400 appliancessk120555   How to allow Skype for Business services on SMB appliances sk120656   Cannot delete network objects on SMB appliancessk120676   PCI compliance scan fails on locally managed 600 / 700 / 1100 / 1200R / 1400 SMB appliances sk120713   How to disable TCP Timestamps on SMB appliancessk120812   Editing sdopts.rec file on SMB Appliances does not survive cpstop;cpstart / reboot / fail-over/ fail-back  sk120938   Check Point response to WPA2 Key Reinstallation Attacks (KRACK)   sk121032   How to Install a MAC-Based appliance license on SG80/600/700/1100/1200R/1400 appliance sk121096   How to configure cluster between locally managed SMB appliances  sk121114   "Fragmentation needed" error on dropped packets sent through tunnel sk121126   Hosts are not able to ping to their own default gateway on locally managed SMB appliances sk121193   How to configure specific VPN site to use secondary internet connection on locally managed SMB appliances  sk121199   Hotspot portal is not accessible through HTTPS.sk121214   SSL Inspection on Locally Managed 700/1400/1200R appliances sk121216   Postmaster sends notifications to receiver that spam was blocked by AS blade  sk121355   CALL_XLATE_FOLD_FUNC error when installing policy on Gaia Embedded device from R80x Security Management sk121442   Failed to see all Active Directory groups in locally managed SMB appliancesk121444   VPN traffic does not utilize CoreXL on SMB appliancessk121603   Enabling Route Based VPN disables CoreXL functionality on R77.20.xx Gaia Embedded appliances sk121604   Policy installation fails only on SMB devices after Application Control & URL Filtering blades are enabled sk121608   Many 'bind 0.0.0.0 - Address already in use' records in messages file of SMB appliancessk121634   Locally managed SMB appliances in a cluster do not synchronize sk121733   Cannot unassign LAN interfaces on SMB locally managed appliances sk121737   Failed to search security logs by date on SMB locally managed appliances running R77.20.60sk121740   How to configure unnumbered VTI on SMB Appliancessk121818   Changing VPN configurations on Locally managed appliance fails with "Error 00357"sk121859   Cannot configure WINS server for Remote Access VPN clients on Locally Managed SMB devices sk121949   Some traffic is not encrypted through route based VPN sk122012   How to configure alternative IPv4 static routes on SMB appliances after an Internet-connection probing failuresk122097   "An unexpected error has occurred. You may still be able to continue working normally. Please retry accessing the web page in a short while. (500)" error when redirect to UserCheck page on SMB appliances sk122156    Disk space issues on Gaia Embedded appliance when running debugssk122177   Unable to view WebUI tabs labels and login on SMB appliancessk122184   Unable to create new VPN domain at the gateway wizard for for SMB appliances sk122192   After rebooting the SMB appliance, Incorrect self-signed certificate is presented for the Web portal instead of the certificate assigned by the adminsk122205   Check Point Response to Intel Side Channel Attacks (Meltdown, Spectre, Foreshadow) (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, CVE-2018-3693, CVE-2018-3639, CVE-2018-3640, CVE-2018-3620, CVE-2018-3646, CVE-2018-3615) sk122209   Norton Security Toolbar extension on Google Chrome browser prevents the appliance WebUI from loadingsk122256   How to configure OSPF over VTI on locally managed SMB appliancesk122259   How to create a new account in Check Point Cloud SMPsk122276   SMB appliances fail to upgrade firmware sk122484   "Connection hold failed due to TCP retransmission limit" seen in security logs of SMB appliances while configured in bridge modesk122486   R80.20 GA and R80.20 Management Feature Release Known Limitationssk122659   Cluster in Active-Standby bridge mode in 1200R / 1400 centrally managed appliances sk122693   "A connection error occurred" during automatic update check on SMB appliancesk122892   Windows NLB multicast server cannot fetch mails from behind 600/700/1100/1400 device sk123014   "Installation failed. Reason: Failed to load Policy on Security Gateway" error on 1100/1400 appliancesk123015   Centrally Managed 1100 appliance does not send logs to the Security Management Serversk123035   Application Control & URL Filtering blade does not work properly on locally managed SMB appliances that deploy tag based VLANs over bridge modesk123036   How to tune the memory allocation for Tomcat services in SMPsk123049   How to delete old Tomcat log files on on-site SMPssk123052   "The port is already in use" warning when port 444 is used in any NAT rulesk123112    After a link failover on an SMB appliance, tunnel test packets are sent from an internal LAN instead of an external IPsk123297    Upgrade failed for SMB appliances from R77.20.20 to higher version  sk123364     netstat output in Gaia embedded appliances does not display the process ID (PID)sk123499    SMB Device does not complete boot and enters Maintenance Modesk123614    Cannot add an Active Directory Group to Remote Access VPN on SMB Appliancessk123714    Unable to open Apple link on SMB appliances - page is not reloadedsk123740    SmartProvisioning GUI shows blank Action Status pop-up on SMB appliancessk123794    HTTPS Inspection can be configured but does not work when the URLF blade is offsk123858    Identity Collector support on SMB Appliancessk123865    LED indicators on Embedded GAIA appliancessk124132    Safe search does not work in Google Chrome search engine on SMB appliancesk124872    CHAP support for Gaia and Gaia Embedded OSsk125096    In SMB and Branch Office Appliances, the Antivirus blade prevents 3rd-party software clients from connecting to the server sk125097    In SMB and Branch Office Appliances, the upload speed is limited to 3mb\sec while passing the Firewallsk125293    Configuring WebUI access port to 443 on Gaia Embedded failssk125434    Site to site VPN between centrally managed Branch Office appliances and Azure failssk125673    How to check SMB appliances' serial number?sk126372    Policy installation on SMB appliances fails with "Load on Module failed - not enough disc space"sk126373    High memory consumption on SMB appliances if Anti ARP Spoofing is set to 'Detect'sk126374    Threat Prevention infected hosts log shows hosts with external IPs in locally managed SMB appliancessk127172    After upgrading from R77.20.60 on Gaia Embedded, RADIUS authentication stops workingsk127392    SmartProvisioning does not show MAC address for SMB appliancessk127692    Policy installation fails on SMB device with dynamic IP addresssk127752    Assigning office mode from RADIUS is not working on SMB appliancessk127852    Unable to add new outgoing rule in SMB appliancesk128092    Policy installation to Centrally Managed SMB device fails due to lack of disk spacesk128652    Troubleshooting "site is not responding" Issues   sk129792    BGP / OSPF does not survive cluster failover on Gaia Embedded appliances in HA configurationsk130034    Port forwarding to a server with custom port from a different LAN is not workingsk130053    Cannot add URL to custom URL object in general categorysk130094    Login to WebUI fails sk130452    DSL connection is not established on 700/1400 appliancesk130793    SMB devices with Smart Provisioning support of SNMP on VPN tunnelssk131292    On SMB Appliances, Dead Peer Detection (DPD) packets are not sent when establishing a VPN site-to-site with a 3rd party peer sk131293    Error generating the report message is seen in the WebUI when trying to generate reports in locally managed SMB appliancessk131413    PPPoE Active Discovery Termination (PADT) is not sent when PPPoE interface (WAN/DMZ) is disabled on SMB appliancessk132012    External hosts are redirected to authenticate via Captive portal if Browser Based Authentication (BBA) is enabledsk132574    Inconsistencies exist between policies installed on the cluster members. Please reinstall the policy on the cluster on SMB locally managed appliancessk133132    Office 365 installation is causing SMB appliance to freezesk133152    Recommended authentication method in IKE for IPsec VPNsk133153    Check Point Response to Oracle Java SE Vulnerabilities July 2018sk133252    Rules mismatch when Manually configured Security Zones object usedsk134253    Check Point response to SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391)sk134373    Can users configure Email Alerts from SMP?sk134453    Are optic cables supported with Check Point Appliances? sk134535    Threat Emulation blade in Trial mode shows an expired quota for locally managed SMB appliances sk134536    Cannot disable CRL validation on 600/1100 appliances using CLISHsk134572    Check Point response to Bleichenbacher oracle cryptographic attack (IKEv1/IKEv2)sk135133    "CA certificate for this certificate not found" when trying to upload a signed request by an intermediate CA on locally managed SMB appliances sk135332    Console is not connecting after restoring to Factory Defaultsk135393    Client to Site VPN traffic that is connected to Vlan'd interface with SXL on causes the appliance to rebootsk135433    Blocking Applications and Categories from the SMP sk135672    Reset SIC for SMB Devices without Downtimesk135792    1100/1400 SMB appliance Security logs sent to wrong Management IP address sk135872    "No matches found" error when configuring an AD Authentication Server on Embedded GAIA appliancesk136513    New Batch of 1200R release for Small and Medium Business Appliancessk136812    SFWD crashes after enabling HTTPS Inspection on locally managed SMB appliancessk137115    Wrong redirect to Captive portal on locally managed SMB appliancessk137335    Loopback IP is shown for connections using Reach My Device (RMD) URL to access embedded Gaia appliances instead of the original source IP sk137336    Remote Access connections fail when the external interface is configured on 31 prefix in embedded Gaia appliances  sk137432    Dynamic object rule is not being hit by the intended traffic on a 1400 appliancesk137732    2FA [Factor Authentication] support for remote access VPN in locally managed SMB appliancessk138192    How to configure BGP on SMB gateways with VPNsk138892    How to generate a CPinfo file on a Gaia Embedded SMB Gatewaysk138893    How to create Centrally managed cluster for Embedded Gaia SMB gatewayssk138193    Unable to establish SIC between SMB appliances and Security Management Server with IP that ends with 255  sk138253    How to configure BGP in SMB gateways for non-VPN environmentsk138912    Cannot enable multiple WAN interfaces on 700/1400 SMB apppliancessk139133    Fan speed messages in /var/log/messages on SMB appliancesk139432    Check Point response to CVE-2018-9206 (Blueimp jQuery-File-Upload)sk139692    /logs fill up to 100% on Small and Medium Business Appliancessk140272    4G USB device does not use the APN defined in the WebUI of an SMB appliancesk140312    QoS policy doesn't affect VDSL Internet connection(s) on locally managed SMB appliancessk140393    Configuration of the Lab for IMAPS for Linuxsk140972    SMP system reports do not show status of security blades for locally managed Small and Medium Business Appliancessk141112    When using IKEv2 Branch Office/Ruggedized appliance initiates tunnel with KEY_ID instead of IPv4_ADDR with 3rd party peerssk141132    DHCP Relay reply packets do not reach bootp interface on centrally managed SMB ClusterXLsk141212    The Check Point anti-bot "Anti-Virus displays an error Update failed, Contract entitlement failed,Internal error occured"sk141312    Standby members in Small and Medium Business appliance clusters are not affected by dynamic routingsk141335    Remote Access routes not downloaded from Remote Access Encryption Domain when connecting to centrally managed SMB Clustersk141472    Cluster fails with multiple VLANs on the same LAN interfacesk141474    Adding bridge command in Clish mode failed sk141475    Output of show servers command does not include the outside port on SMB appliances sk141512    Checking for a firmware upgrade fails on Small and Medium Business Appliances running R77.20.81 B2525sk141852    Assigning VAP to wired LAN interface causes configuration modifying issuesk141953    Unable to open specific HTTPS sites when SSL Inspection is enabled on locally managed SMB appliancessk142052    Unable to use special characters for VPN pre-shared secret password: ( ) { } # < > / \ % " ? % ...sk142272    How to show link-speed on 700/1400 appliances when ethtool cannot be usedsk143274    Manual upgrade from R77.20.80 or older images to R77.20.85 might fail due to a timeout on SMB Appliancessk143472    Browser-based authentication option does not allow the use of an external portal sk143492    Bridge Internet connection is deleted when modifying the DHCP relay in the bridge interface configurationsk143932    ClusterXL flapping due to "Interface Active Check" problem on the Sync interfacesk144253    How to format an SD card on an SMB appliancesk144632    How to see the supported ciphers and HMACs of the SSH protocolsk144732    Editing a bridged internet connection in the Local Network tab deletes the internet connection sk144934    "Unable to retrieve information from User Center (Connection timeout)" error, license activation fails on SMB Appliances running R77.20.60 sk144952    "The remote SSH server is configured to allow weak MD5 and/or 96-bit MAC algorithms" message, vulnerability scan failssk145553    "System Notification Error has occurred while applying the Qos settings (error 00356)" on SMB appliances#sk145693    "ERROR: Install/Update Image from USB failed" when trying to upgrade an SMB appliance using a USBsk146214    "SYSTEM ERROR An internal error has occurred" message on firmware R77.20.85 Build 990172731, when try to open the "VPN Remote Access connected users view" tab sk146216    On SMB appliances, iOS device does not send DNS requests to internal PBX correctly while connected to Capsule VPNsk146217    Security Gateway does not recognize users who upgrade to R77.20.85 Build 990172731 when Hotspot is enabledsk146218    Setting "VPN Remote Access - Allow simultaneous login" to "false" still allows simultaneous VPN login for the same usersk146952    Adding/Removing VLANs post-cluster-configuration on locally-managed SMB appliances causes various issuessk147092    "Invalid object name. Name should begin with a letter and contain up to 32 alphanumeric (0-9, a-z, _~-.) characters" error, when creating Server Object using Static NAT optionsk147112    "Invalid object name. Name should begin with a letter and contain up to 32 alphanumeric (0-9, a-z, _~-.) characters" error, when creating a NAT rule with Source/Destination IPsk147415    How to block port 264 in Small and Medium Business Appliancessk147535    Cannot deploy an SMB device via Zero Touch using not DHCP Internet connectionsk147552    Check Point response to CVE-2018-20346(Magellan), CVE-2018-20505, CVE-2018-20506sk147553    Output of 'show nat-rules' command does not show "Auto Generated" NAT rules on embedded Gaia appliancessk147560    Policy installation fails on SMB devices with error: "Installation failed. Reason: IP = X.X.X.X is not available right now"sk147562    Blades are turned off or operate only partially when a trial license expires on a locally managed SMB appliance#sk147792    VPN client-to-site users are unable to reach the local encryption domain in Small and Medium Business Appliancessk147562    Blades are turned off or operate only partially when a trial license expires on a locally managed SMB appliancesk147792    VPN client-to-site users are unable to reach the local encryption domain in Small and Medium Business Appliancessk148473    "Error generating the report" message in WebUI when trying to generate reports in locally managed SMB appliancessk148672    How to send security logs from an SMB Gateway to an on-premise Check Point Log Server when managed by SMP (Cloud)sk148732    WatchTower Account Creation Errorsk148834    Managing the Email Notification Policy on the Security Management Portal (SMP)sk148952    "Warning: Can't find ::CPAP-AP910 in cp.macro. License version might be not compatible fw: no license for 'blades' Error: No valid license." message on 900 series appliance running R77.20.80 firmwaresk148992    "Error has occurred while applying the NAT settings (error 00358)" when configuring Server Objects on SMB appliancessk149293    Failed to save SMB device objectsk150192    Ping tests fail when remote access clients connect to SMB appliancesk150392    "Failed to finalize the restore process" error, when executing the command 'show restore-settings-log' on SMB appliancessk150412    Registration of locally managed SMB appliance to Reach My Device service failedsk150432    "Illegal characters in application-group name" error when adding applications with white spaces to an application group via the CLIsk150472    SMB appliances randomly fail to communicate with SmartProvisioningsk150852    900 appliance is not displayed in the in SMP Plans notesk150872    SMP PDF reports from 910 appliance are shown as from 792 appliancesk150972    After changing hostname, locally managed 1400 appliance cannot access WebUI for gateway managementsk151052    Traffic is not passing through S2S VPN tunnel to SMB appliancessk151552    "Failed to finalize the restore process" error on SMB appliances, when trying to restore settings from a USB device or a TFTP sever Changing host name loses connectivity for WebUIsk151895    Cloning a manual incoming access rule causes a mismatch between the WebUI and CLI when using SMB Appliancessk152032    An SMB appliance behind a NAT device does not update the DDNS provider when the device's IP address changessk152072    Shutting down SMB appliances 600, 700, 1100, 1200R, and 1400--FAQssk153054    OID polling does not show expected results on SMB Appliances with version R77.20.86sk153375    Unable to reach internal portals listening on port 443 on embedded Gaia appliancessk153433    R77.20.87 Jumbo Hotfix Accumulatorsk153452    SFWD stops working when remote access is configuredsk153832    ATRG: SecureXL for R80.20 and abovesk153913    Changes in SmartLSM Security Gateway are not applied in robo-IKE.NDBsk154073    3G/4G modem MF833V with RBD_MF833VV1.0.0B01 firmware version does not work with the devicesk154132    "Unknown field" error pops up when configuring an SMB appliance's IPS load thresholds in the WebUIsk154152    "Failed to read file" error pops up when adding a CA certificate to an SMB appliancesk154212    "The policy for the selected blades cannot be installed on Gateway 'LSM-Profile'" when installing a Threat Prevention policy on an LSM profile sk154213    SMB does not send logs - Configuration error: SIC is not defined for the log serversk154254    The feature "Location Aware Connectivity" is not supported on locally-managed SMB appliancessk154594    To make changes on trac_client_1.ttm - Sorry, this solution is deleted and can only be viewed by Check Point employees.sk154713    "An internal error has occurred. If the problem persists please contact Check Point Technical Assistance Center. Web server error" when logging into the GUIsk154812    CloudGuard Connect - Help & Supportsk155172    Authenticating to SMB appliances using only the first 8 characters of the Administrator password is allowedsk155292    SMB appliance replies to IKE traffic on Load Balancer destination MAC, not next hop destination MACsk155352    How to prevent disconnections in VPN when applying new policy on locally-managed SMB appliances sk155413    When using NAT commands in zero_touch_pre_conf.clish script, then Internet connection is lost sk155574    CloudGuard Connect - What's New?sk155912    Connecting Huawei E3372 dongle (4G) to 1400/1100/1200R appliances failssk156192    Check Point response to TCP SACK PANIC - Linux Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479sk156632    How to manage the Access Control Policy of CloudGuard Connect from SmartConsolesk156792    How to run lookup for unknown ports on SMB appliancessk156952    "Your connection is not private" error when accessing SMB appliances connected to SMP via their vSMP DDNssk156933    Wireless LAN configuration fails if it includes diacritic characterssk157072    Unable to install policy on multiple SMB devices after upgrading to R80.xsk157076    Policy installation on 1100 appliances time-out on R80.20 Security Management Serversk157155    SMB appliance's administrator Access Settings configured from SMP are not displayed in its WebUI and clishsk157172    How to apply a SMB appliance's administrator access settings that are configured from the SMPsk157413    "Certificate is already installed" pop-up error when trying to add a new trusted CA to a locally managed SMB appliancesk158092   Unexpected routing rule is shown when VTIs are configured on SMB appliancessk158333   SIC certificates do not renew automatically on Centrally managed SMB appliancessk158752    Unexpected behavior of locally managed SMB appliances when trying to pull POP3 emailssk158832    "Failed to find the requested switch" error in CLI is displayed when adding LAN ports to a LAN10_Switch on SMB appliancessk159252    On SMB appliances, when the Threat Prevention blades are all on, some legitimate emails are dropped randomly on the SMTP protocolsk159292    Unable to connect to SMB appliance WebUI when ESET SSL/TLS protocol filtering is enabledsk159693    How to resolve a Wi-Fi and product SKU mismatch on 1500 appliancessk159712    USB-C console connector for 1500 appliancessk159953    Site choice is missing from the menu options after creating a site to centrally managed SMB gatewayssk160312   Pushing settings and actions on SMB appliance fails with "Command 'push_settings_and_actions' returned with error -2147215991" errorsk160852   Location of custom_mgmt_IP and custom_logserver_IP files in centrally managed SMB devicessk160853   Masters file IP address change not taking effect on centrally managed Gaia Embedded appliancesk160972   Disk space issues on SMB appliances when running VPN kernel debugsk161172   1200R appliance does not fetch policy after an IP change on Managementsk161272   CloudGuard Edgesk161532   How to reset SIC on a Centrally Managed SMB Appliancesk161892   CloudGuard Edge Known Limitationssk161972   User Awareness account is locked outsk161975   postgres consumes high CPU on SmartProvisioning/LSMsk162472   How to force NAT-T on Gaia Embedded devicessk162515   Status of Intel CVEssk162538   After an upgrade to R77.20.87, some HTTPS sites give a certificate error when SSL inspection is enabledsk162754   Remote Access is not restricted per Active Directory Group on locally manage SMBsk162794   Cannot disable weak SSH ciphers in Gaia Embeddedsk163052   Not able to get RIPv2 working over virtual tunnel interface (VTI)sk163234   Unable to check firmware upgrades on an SMB appliance while proxy is configuredsk163296   Management Platforms per SMB Appliancesk163313   R80.30 IPv6 features and limitationssk163318   Bridge Control Protocol on SMB appliancessk163334   Can IPS protection "Repetitive SMTP Login Failures" be triggered on locally managed SMB appliances?sk163412   Syslog over VPN reports random hostname or log originsk163513   Cluster failover based on ping probing failure does not work with ISP Redundancysk163658   A host is reported by the SMB appliance as "infected" or "possibly infected" even though it was scanned and protected by an Endpoint protectionsk163914   Cannot attach an LSM profile to a 1500 Branch Office Appliance (in SmartProvisioning) on Multi-Domain Managementsk164017   Active member in cluster crash or rebootingsk164018   Missing configuration items in output of the 'show configuration' command on SMB appliancessk164113   Cannot select 1550 appliance from the list of appliances in R80.x GUIsk164152   Hosts and Servers in NIC teaming mode do not work correctly with SMB appliancessk164319   Policy-Based Routing (PBR) and VPN in SMB device sk164236   How many events can the 'Notifications' page in the WebUI of an SMB appliance show?sk164356   SIP phones behind SMB appliances fail to pull contacts from external PBXsk164720   Policy installation fails on R80.10 Jumbo Hotfix Take 249 and higher on SMB R77.20 Gateways

there is some problem to do fetch policy in 1100 with daipmgmt R80.10 take 911100 R77.20.75ISP Telmex ADSLRouter Mode standardynamically assigned IP address------------------------------------WAN--------------LAN---------------------WAN(dhcp)-------LANINTERNET----------daip-------------Router ISP----------192.168.1.64--------------1180--------SIC ConnectedSecurity Management Server Status Connectedbut DO NOT receive policies or install policiesShell"Management rejected fetch for this module - version matching problem.Security Policy Fetch Failed.Unable to fetch the Security Policy from the Management Server"thanks!

R77.20.86 for Small and Medium Business Appliances Check Point 1400 Appliance - FAQ What's New in Check Point R77.20.86 for SMB Appliances? New Mobile Application Push notifications for immediate reaction to security and network events. Easily manage and switch between multiple Security Gateways with a single login. Monitor your network and security status with simplified pages of statistics for traffic, events, and more.  In addition to the above, R77.20.86 includes many other important features. For more information, refer to the SMB WatchTower App Release Notes.  Send security logs to an on-premise LogServer when connected to vSMP. The VPN remote access user password can now consist of more than eight characters.    Supported Appliances The supported appliances are: 700 910 1400

Hi  Recently purchased 1490'S and while testing found out that Client authentication is not supported.    I am using centrally managed console to manage 1490 cluster's .    Error received while installing the policy: Security policy cannot be installed because client, Session or user authentication is not supported on checkpoint small office appliances   Any workaround for the client authentication ? 

Policy install on SMB appliances can fail if the IPS configuration enables too many protections. According to CP, SMB devices were never designed to run a full IPS policy and it is suggested to check sk105217 "Commit function failed"/"Installation failed" error on policy installation failure on small office appliances for configuration suggestions: When managed by R80.x Security Management server, create an IPS profile based on the top of the built-in Optimized Profile; up to R77.30 Security Management server, clone the Recommended Profile. Deactivate the "Server protections" option in IPS policy of the SMB Profile. In R80.x, it is found in the Pre R80 Settings:   Deactivate IPS protections whose CVE is from 2010 and/or older - these are vulnerabilities you would rarely find in Small Office environment and the performance impact of them is not cost effective. In R80.x you can add categories to Profile > IPS > Additional Activation > Protections to deactivate list: You can also deactivate IPS protections for traffic that does not pass through those gateways, e.g. Protocol FTP if FTP is never used. If this adaptions do not resolve the policy install issue, you can consult sk117793 Policy installation / fetch fails on Centrally Managed 1400 appliance  and sk126372 Policy installation on SMB appliances fails with "Load on Module failed - not enough disc space".   Please note that this is my own configuration that has not been checked by CheckPoint - and is open for discussions, corrections and additions. Also see this list SMB documents for more. 

Dear Trem,Is there is any possibilities to disable the Automatic Update of Antivirus, Anti-bot and IPS in SMB appliances.Regards,Arun.R

Hi,I need your advice on a 1470 capacity optimization. This is how it is setup at the moment:I was following sk39555 and I ran 'fw ctl pstat' to check what's the current status. There it is:System Capacity Summary: Memory used: 17% (184 MB out of 1051 MB) - below watermark Concurrent Connections: 1% (1632 out of 149900) - below watermark Aggressive Aging is not activeHash kernel memory (hmem) statistics: Total memory allocated: 192937984 bytes in 47104 (4096 bytes) blocks using 21 pools Initial memory allocated: 109051904 bytes (Hash memory extended by 83886080 bytes) Memory allocation limit: 408944640 bytes using 512 pools Total memory bytes used: 76512184 unused: 116425800 (60.34%) peak: 178943980 Total memory blocks used: 21151 unused: 25953 (55%) peak: 44215 Allocations: 84585497 alloc, 0 failed alloc, 83774180 freeThe SK talks that the Total memory allocated should be roughly the same as Memory pool size in the Optimization property. Unless I calculate something wrong, at the moment it is ~192 MB which is much more than the 20 MB set as initial memory pool and the max mem pool size. In fact, it says it extended it by ~83MB which is kind of not recommended and may cause memory fragmentation.So, what I am not getting right here ? Anything I should change/adjust ?

I'm happy to share that we a free live demo of the SMB gateways and the SMP management.700 gateway:https://demo700.checkpoint.com user: demopass: checkpointSMP:https://smbmgmtservice.checkpoint.com domain: demouser: demopass: checkpoint

Hello guys,I need your help again. We have a locally managed Checkpoint 1450 SMB Appliance and our traffic drops when trying to go to the internet.I have created a policy that allows users to go to the internet as well.In my Log files I have lots of drop traffic from allowed user range and log messaged shows as 'Address Spoofing' so my question is how can I enable address spoofing in SMB appliances of how can i get rid or this message and let the traffic go to the internet.Im running the latest OS version of embedded gaia  and haven't installed any hot fixes at all.Thanks in Advance,Shehan

I am clustering 2 Checkpoint 1200R devices. When I fail over the primary unit to the secondary device, all is good. When the primary unit is restored, is there an option to fail back the unit automatically ?

It is very hard to keep up with documentation and SKs while all is constantly changing. I have collected material and present it here completely. Please be aware that Check Point will remove, change or replace SKs at any time,so it can well be that many listed documents do not exist anymore…   sk92741    Gaia Embedded OS featuressk93307    Check Point R75.20 HFA 1 for 1100 Appliance sk94227    Check Point R75.20 HFA 25 for 600 / 1100 Appliance and Security Gateway 80  sk95589    Check Point R75.20 HFA 30 (R75.20.30) for 600 / 1100 Appliance and Security Gateway 80 sk97186    Check Point R75.20 HFA 40 (R75.20.40) for 600 / 1100 Appliance and Security Gateway 80 sk97766    Check Point 600 / 1100 / 1200R /700 /1400 / 910 SMB Appliances Releasessk98332    Security enhancements for 600_1100 Appliance and Security Gateway 80sk98404    Check Point R75.20 HFA 50 (R75.20.50) for 600 / 1100 Appliance and Security Gateway 80 sk100442   Check Point R75.20 HFA 60 (R75.20.60) for 600 / 1100 Appliance and Security Gateway 80 sk103735   Check Point R75.20 HFA 69 (R75.20.69) for 600 / 1100 Appliance and Security Gateway 80 Appliancesk105379   Check Point R77.20 for 600 / 700 /1100 / 1200R / 1400 Appliancesk105380   Check Point R77.20 for 600 / 700 /1100 / 1200R / 1400 Appliance Known Limitationssk105738   Check Point 1200R Appliance sk106669   Check Point R75.20 HFA 70 (R75.20.70) for 600 / 1100 Appliance and Security Gateway 80 Appliance sk106957   Check Point R77.20 HFA 10 (R77.20.10) for 600 / 1100 / 1200R Appliance sk107453   Check Point R77.20 HFA 10 (R77.20.10) for 600 / 1100 / 1200R Appliance Resolved Issues sk107537   Check Point R75.20 HFA 71 (R75.20.71) for 600 / 1100 Appliance and Security Gateway 80sk108193   Check Point R77.20 HFA 11 (R77.20.11) for 600 / 1100 / 1200R Appliance sk109124   Small and Medium Business Appliances: 700 series (R77.20.15)sk109936   Small and Medium Business Appliances: 700 series (R77.20.15) Known Limitations sk110268   Check Point R77.20 HFA 16 (R77.20.16) for 700 Appliancessk110875   R77.20.20 for Small and Medium Business Appliances  sk110984   Check Point 700 Appliances sk110985   Check Point 1400 Appliancessk110998   R77.20.20 for Small and Medium Business Appliances Resolved Issuessk111100   R77.20.20 for Small and Medium Business Appliances Known Limitations sk111656   R77.20.31 for Small and Medium Business Appliancessk111953   R77.20.22 for 700 1400 Small and Medium Business Appliances sk112272   R77.20.31 for Small and Medium Business Appliances Resolved Issues sk112858   ATRG: Gaia Embedded Appliances sk113238   R77.20.40 for Small and Medium Business Appliances sk113575   R77.20.40 for Small and Medium Business Appliances Resolved Issues sk114815   R77.20.51 for Small and Medium Business Appliancessk115616   R77.20.51 for Small and Medium Business Appliances Resolved Issuessk116136   Orchestrated Rollout of LSM Centrally Managed 1100/1200R/1400 SMB Appliances - Demo Kitsk117544   Security Management Portal R12.30 for SMB, Branch Office and Ruggedized Appliances    sk117732   R77.20.60 for Small and Medium Business Appliancessk117894   R77.20.60 for Small and Medium Business Appliances Resolved Issuessk120473   R77.20.70 for Small and Medium Business Appliancessk121758   R77.20.75 for Small and Medium Business Appliancessk123294   R77.20.80 for Small and Medium Business Appliancessk133732   Check Point 910 Appliancessk137212   R77.20.81 for Small and Medium Business Appliancessk140193   R77.20.85 for Small and Medium Business Appliancessk144852   R77.20.86 for Small and Medium Business Appliancessk151574   R77.20.87 for Small and Medium Business Appliancessk153433   Jumbo Hotfix Accumulator for R77.20.87sk157412   1500 Series Security Gatewayssk159173   Check Point R80.20 for Small and Medium Business Appliances sk159772   Check Point R80.20.xx for 1550 / 1590 Appliance Features and Known Limitationssk163612   R80.20.01 for Small and Medium Business Appliances

Hi,has any of you ran into something like this:[cpWatchDog 2765 1744478736]@RD6281[18 May  9:20:47] [ERROR] Process SFWD terminated abnormally : Unhandled signal 11 (SIGSEGV). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[18 May  9:21:47] [SUCCESS] SFWD started successfully (pid=3551)[cpWatchDog 2765 1744478736]@RD6281[18 May  9:35:25] [ERROR] Process SFWD terminated abnormally : Unhandled signal 6 (). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[18 May  9:36:25] [SUCCESS] SFWD started successfully (pid=4359)[cpWatchDog 2765 1744478736]@RD6281[20 May  9:41:20] [ERROR] Process SFWD terminated abnormally : Unhandled signal 11 (SIGSEGV). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[20 May  9:42:20] [SUCCESS] SFWD started successfully (pid=18894)[cpWatchDog 2765 1744478736]@RD6281[20 May 16:12:09] [ERROR] Process SFWD terminated abnormally : Unhandled signal 11 (SIGSEGV). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[20 May 16:13:09] [SUCCESS] SFWD started successfully (pid=20929)[cpWatchDog 2765 1744478736]@RD6281[21 May  8:50:27] [ERROR] Process SFWD terminated abnormally : Unhandled signal 6 (). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[21 May  8:51:27] [SUCCESS] SFWD started successfully (pid=25168)[cpWatchDog 2765 1744478736]@RD6281[21 May  9:14:11] [ERROR] Process SFWD terminated abnormally : Unhandled signal 6 (). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[21 May  9:15:11] [SUCCESS] SFWD started successfully (pid=25918)[cpWatchDog 2765 1744478736]@RD6281[21 May 10:54:58] [ERROR] Process SFWD terminated abnormally :Unhandled signal 11 (SIGSEGV). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[21 May 10:55:58] [SUCCESS] SFWD started successfully (pid=27458)[cpWatchDog 2765 1744478736]@RD6281[21 May 12:35:14] [ERROR] Process SFWD terminated abnormally : Unhandled signal 6 (). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[21 May 12:36:14] [SUCCESS] SFWD started successfully (pid=29000)[cpWatchDog 2765 1744478736]@RD6281[22 May 14:53:05] [ERROR] Process SFWD terminated abnormally : Unhandled signal 6 (). Core dumped.[cpWatchDog 2765 1744478736]@RD6281[22 May 14:54:05] [SUCCESS] SFWD started successfully (pid=5887)

Ok, this happens to me almost every time I open SR. I always explicitly state in the SR it is SMB appliance, exact model  "1470 wired", firmware revision and so on. And every time it will go like this:1. TAC will send me reply that R77.20 is no longer supported and I shall upgrade to at least R77.302. TAC will ask me for bunch of log files that do not even exists on SMB3. TAC will ask me for /var/log/messages and we all know on SMB this files is almost useless in debugging.4. TAC will upload software for Gaia on my SMB and try to run it again and again (that was actually fun to watch)5. TAC will disappear for a day or so and then kindly apologize that they do not really support SMB and my SR will be forwarded to another division.6. After some time I will get another reply that this needs to be investigated by Devs. At the end problem is always happily solved. So, is it like that for you guys? Am I just doing something wrong? Like not putting some valuable info? Or just pure luck?

Guys,That build is causing significant traffic delays and CPU load is higher than that of R77.20.81. Any of you experiencing similar problem ?

R77.20.86 for Small and Medium Business Appliances Check Point 1400 Appliance - FAQ What's New in Check Point R77.20.86 for SMB Appliances? New Mobile Application Push notifications for immediate reaction to security and network events. Easily manage and switch between multiple Security Gateways with a single login. Monitor your network and security status with simplified pages of statistics for traffic, events, and more.  In addition to the above, R77.20.86 includes many other important features. For more information, refer to the SMB WatchTower App Release Notes.  Send security logs to an on-premise LogServer when connected to vSMP. The VPN remote access user password can now consist of more than eight characters.    Supported Appliances The supported appliances are: 700 910 1400