cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
SMB Appliances and SMP

Have a question about our Small Business Security and Branch Office Security solutions? This is where to ask! This includes the 600, 700, 900, 1400, and 1500 Series appliances, Security Management Portal, and legacy SMB appliances (UTM-1 EDGE, Safe@).

G_W_Albrecht
G_W_Albrecht inside SMB Appliances and SMP 2 hours ago
views 133 1

1550 / 1590 Jumbo Frames Support

I was not able to locate this in the new  features listing from sk159173 - but in sk111407 Jumbo Frames Support we read: Small and Medium Business Appliances 1550 / 1590 Starting from R80.30 Jumbo Hotfix Take 76    OK, in fact you will you need central management with R80.30 JT 111, but it is a real enhancement as: The following appliances do not support Jumbo Frames: 600 / 1100 / 1200R / 700 / 1400 / 900 Small and Medium Business Appliances But sk159772 Check Point R80.20 for 1500 Appliances Features and Known Limitations tells us that neither centrally nor locally managed 1500s do support Jumbo Frames... I have provided SK feedback to get at the truth in this.
nwagbem
nwagbem inside SMB Appliances and SMP yesterday
views 56 1

kworker cpu usage 1200r

Hi, I have the kworker process using 100% of 1200r cpu, I am not sure what is causing this nor how it can be resolved. Can you help? 
tony1
tony1 inside SMB Appliances and SMP yesterday
views 117 3

910 SMB random reboots/crashes

Hello everyone,I am here to try my luck. Can you suggest me the best way to debug 910 random crashes? It usually reboots/crashes and after logging to the CLI of the GW, it responds very slowly. The CPU and memory usage seems normal according to the TOP output. The /log/messages just says that i reboots. I cannot find some hints about the problem there. I have booted the GW in debug mode and I have the putty console output now. What should I focused on? I would appreciate any advice. I am new to this. Thank you.
tony1
tony1 inside SMB Appliances and SMP Friday
views 107 4

Editing the specific 1430 SMB interface cause deleting the route

Hello everyone,I am looking for help. We have 1430 which is in the 10.x.x.x/24 mgmt subnet. We manage it from smarconsole on the server from 192.168.x.x/24 subnet. There is route from 10.x.x.x/24 to 192.168.x.x/24 on the GW. I have explored that if I edit the mgmt interface (ip 10.x.x.x) on our 1430 using webUI. Or just click on the edit button, change nothing and click on Apply, the connectivity to the gw from 192.168.x.x/24 subnet will be lost(no WebUI, no CLI, no ping). I checked the routing table (expert->route) and found out that the route just disappears. It happens everytime. It seems like the "editing action" cause deleting the route. The problem can be fixed manually adding the route to the routing table of the GW. The GW has the newest firmware. I would appreciate any advice. Thank you.

S2S VPN connectivity issues

Hi, I have S2S VPN to another 5000 series appliance running R80.10. It happens every now and then that the tunnel is up and one host can SSH to a host on the other end but another one can't. The strange thing is that the host that can't SSH is able to ping the IP on the other end. Problem happens with any protocol (RDP, HTTP, etc). Only ICMP seems to always work.  Resetting VPN tunnel solves the problem but it started to annoy me already so I am looking for more permanent solution. We tried to switch tunnel sharing from per-net to per-host with no success.  Have you ever encountered such issue ? Is it possible to be TP policy on the other end that is causing this issue ? 
G_W_Albrecht
G_W_Albrecht inside SMB Appliances and SMP Friday
views 154 3

A new firmware version is available: 1500_R80.20.00_992000696

Device > System Operations show: A new firmware version is available: 1500_R80.20.00_992000696 But when searching in UserCenter, no such firmware is found... Only R80.20 Build 992000668 for 1500 Appliances is present. Why that ?
G_W_Albrecht
G_W_Albrecht inside SMB Appliances and SMP Thursday
views 226 4 1

1550 SMB IPS and TP troubles

Finally, i have a working IPS on the 1550 in my Dashboard. But still, some issues remain. Look at my GW list with enabled blades:                                   Looks good - but what about TP Updates ? TE lists all GWs with TE enabled:                                         But IPS, AV and ABOT do not list it, look at the IPS Update Statuses:                                         You will only see in Device & License Information of the 1550 (or CLI) that it is updated - it does show IPS not updated, but the Version is the newest one:                 Hard to explain this to customers...
Wolfgang
Wolfgang inside SMB Appliances and SMP Thursday
views 136 1

DNS forwarding for internal domain

Hello CheckMates, is it possible to configure a DNS forwarder on a SMB appliance for specific domains? Meaning, clients have the appliance configured as DNS server, and the appliacne forwards requests for internal domain to the central DNS at the central site over VPN and all other requests are forwarded to DNS-server from provider. Problem is that the remote sites can access internet via local appliance. Connectivity to the central site is done via VPN and all internal DNS-server are hosted only at the central site. If the VPN connection to central site is up everything is fine, but if the connection is lost the clients can't resolve DNS names. Other vendors have a feature to do this DNS forwarding like described, but I missed this on Check Point appliance.  Another option would be to have a local DNS-server, but we don't want run any servers local. All ideas are welcome Wolfgang
G_W_Albrecht
G_W_Albrecht inside SMB Appliances and SMP Thursday
views 118 1

1550 hosts encountered an exploit attempt

CheckPoint SmartView is a good tool for log reviews with its templates like Attacks Allowed by Policy. During IPS profile testing on the 1550 - you had to limit IPS protections in a special SMB profile with the older Embedded GAiA models while 1550 / R80.20 now has a TP policy like all GAiA GWs do - i also used SmartView. This gave me an odd encounter i would not have expected: hosts encountered an exploit attempt ! Have a look:             The 1550 FifteenFifty 😊 is managed by SMS7520 🙃 and set to send Security  Logs and Syslog there. Seems not to be easy with Syslog, though:                                         Matthaeus 5:30: And if thy right hand offend thee, cut it off, and cast it from thee 😎
junior_kakou
junior_kakou inside SMB Appliances and SMP Wednesday
views 164 6

Remote Access Client Authentication VPN SSL (R77.20.86)

Bonjour tout le monde J'ai configuré l'accès distant VPN avec SSL. Pour connecter les utilisateurs distants, ils fournissent un identifiant et un mot de passe. J'ai Active Directory et j'aimerais que les utilisateurs authentifiés sur le domaine puissent utiliser leur accès Active Directory pour se connecter à vpn. Comment puis-je y arriver? J'utilise le point de contrôle 1490 GTP Version: R77.20.86 (990172855) Merci
TOM_MORAN
TOM_MORAN inside SMB Appliances and SMP Wednesday
views 240 3

exclude services vpn Gaia embedded

Hi when setting up a VPN in R80.10 there is the option to exclude services from the VPN Community. My question if using Gaia embedded & administrating via the Webui is it possible to do the same?The firewall in question is a 1450 running R77.20.86 .Is this supported on GAIA embedded? all help is appreciated    
Hugo_vd_Kooij
Hugo_vd_Kooij inside SMB Appliances and SMP Tuesday
views 219 6

Memory leak in 14xx appliances with IPS enabled

Hi, Do any of you have ticket(s) open in regard to memory leak issue in the 14xx appliances with IPS enabled? So far we have seen this in 2 distinct setups. In on of these it only happened on 1 of the 30 remote offices. But we have run about a dozen different firmware versions and the issue was never resolved. If anyone want to share their ticket number(s) in a private message we can join forces and make Check Point more aware of the problem. Regards, Hugo.
G_W_Albrecht
G_W_Albrecht inside SMB Appliances and SMP Tuesday
views 152 1

LED indicators on 1550 Embedded GAIA appliance

For the older models we have sk123865 LED indicators on Embedded GAIA appliance - but not for the 1550 !                 We have four LEDs, from right to left they are: - On / Alert LED : Will blink in red for alerts - Internet LED : Shows if the internet connection is working - Cloud LED : Shows if the SMB is managed from the cloud, else it is off - WLAN LED : Shows if SMB WLAN is enabled, else it is off The first two LEDs were called Power and System on the old UTM-1 Edge, WLAN LED was present as WLAN LED and this model also had a very valuable additional LED - the VPN LED reflecting the current VPN status ! That times are long gone, we now have the Cloud LED that will light up when connected to Cloud management and be off if managed centrally or locally. Initially, i thought this will light up if all TP services are updated to the current version - might be a helpful feature, but this LED only cares for cloud...
Djelo_Arnautali
Djelo_Arnautali inside SMB Appliances and SMP a week ago
views 190 3

SMB 1470 centraly managed and management throught VPN

Hello,i have in production 2 1470 SMB appliances that are locally managed. One 1470 is at  site A and the other one is at  site B. Both 1470 SMB are DAIP gateways and we are using NoIP DDNS.There is site-to-site VPN. The customer is imlementing Remote desktop service  for thin clients and wants to be able to implement firewall rules specific for a specific user and because with RDS the connection is comming always from the same IP adress i have to install MUH (Multi user agent) ond the RDS server. When the SMB appliance is managed locally there is no possibility to use the identity agents but for the centrally managed SMB the agents are supported based on the sk97751.  In this SK it is not clear if MUH agent is supported. I have few questions:1. If i install Secure management R80.10 in site A can i import a configuration from a locally managed device to the SM server and if yes how?2. When i connect SMB 1470 on site A with the SM R80.10 and configure the S2S VPN with  locally managed 1470 on site B how can i configure Firewall B to be managed by the SM that is on the siteA? If i change on the firewall B the option security management from local to central i presume it will clear all the configuration and i will lose the VPN and cut off myself from the fireall B.     
Sanja_Rakic
Sanja_Rakic inside SMB Appliances and SMP 2 weeks ago
views 233 7

Cluster of two 1200 R devices in bridge mode

Hello everybody,I have two Check Point 1200R devices and they have just one bridge made of two LAN interfaces connected to the rest of the network. I want to create HA cluster and I constantly fail. These gateways are being centrally managed.All interfaces are up, but once I try to get the topology, I constantly see just one of the LAN interfaces making cluster.Do you have any idea how to troubleshoot it?Best regards, Sanja