Showing results for 
Search instead for 
Did you mean: 
Post a Question
Tim_Bernat inside SMB Appliances and SMP yesterday
views 1453 7

Internet link QoS bandwidth limiting not working on 620 Appliance

Hi All,I have tried using the bandwidth limiting (is that actually policing or shaping?) on a couple of our 600 appliances but without success. Seems simple enough, but just to be sure I checked with the Appliance Administration Guide:QoS Settings (bandwidth control) - supported in IPv4 connections onlyTo enable QoS bandwidth control for download and upload for this specified connection, select theapplicable Enable QoS (download) and/or Enable QoS (upload) checkboxes. Enter the maximumKbps rates for the selected options as provided by your ISP for the Internet upload and downloadbandwidth.Make sure that the QoS blade has been turned on. You can do this from Home > SecurityDashboard > QoS > ON.All the commands are accepted, but seemingly nothing happens, I can't see anything in either of the logs. I tried different values, high and low, but no change on the devices:I know 100 bit is a bit silly, but this was just to make a point. I have also tried other higher rates : )End user devices still can pull what they usually can:On one of the appliances I saw this error after enabling QoS blade, but I have tried a different, no error, but no limiting.Can you suggest anything? We have a lot of these and this option would be really useful. Cheers, Tim

SMB layer 2 setup

Hi all,Currently we are designing protection for a factory. They have a fiber ring and want to protect their process automation. We implemented some 1200R firewalls in bridge mode with strict policy and it works fine.The problem is in the current setup people can easily remove the firewall and the protection is gone. It did happen when the System Integrator had some problems, removed the firewall, solved the problem and did not restore the connection.There is a possibility to use a RADIUS server, but I'm lost in how to set this up on the 1200R.Does anyone have an idea on how to solve this?And NO we can not use Layer3 on the 1200R, the PLC's only support Layer2 communication.Thanks in advance!Henk
Bjorn_Tore_Gard inside SMB Appliances and SMP Friday
views 3986 23 4

Gaia Embedded - R80.10

Hi.I am not finding any information on when R80.10 is to be released for installation on the Gaia Embedded gateways ? (1450).Does anyone have any information ?Thank You.
destek inside SMB Appliances and SMP Thursday
views 856 4

Allow Remote Access Users to remote VPN site trought HQ Office GW

Hi, We have a Check Point 1430 Security Appliance. This device have an IPSec Tunnel to remote network (Azure). I want to permit access to remote access users (Client To Site VPN) for this remote site. I've searched for hours I can't find any solution to solve my problem. I can ping Azure servers from HQ Office LAN but I'm not able to ping from remote access computer at the moment.
MattDunn inside SMB Appliances and SMP a week ago
views 457 1

700 Appliance VPN Certificate

Query, I've set up a 730 appliance with SNX. When I browse to the page and check the certificate, the certificate shows the MAC address of the box. I've not come across that happening before. Normally it shows the hostname of the appliance instead. Any ideas why the cert if showing the MAC address, and how to make it show the hostname like normal?
Kristian_Nyquis inside SMB Appliances and SMP a week ago
views 1046 6 1

Problem to install policy

HiI am trying to install a policy on my 1430/1450 GW with Smart Console. When i try to install the policy for gateway VPNbox1 I get the following error message:Gateway: VPNbox1Policy: Policy_VPNBox1Status: Failed - Compatibility package is not properly installed or configured.--------------------------------------------------------------------------------The Gateways are according to the picture bellow:On my 1430/1450 unit I get an error when I try to fetch the policy.Is it possible that theses two errors is related?I have created a policy so the DCP traffic allowed in the gw-833ff3.In the fw monitor i get traffic between the eth interfaces on i,I,o and Ogw-833ff3> fw monitor -e "host(XXX.XXX.XXX.XXX), accept;" monitor: getting filter (from command line) monitor: compilingmonitorfilter:Compiled OK. monitor: loading monitor: monitoring (control-C to stop)[vs_0][fw_1] eth5:i[60]: XXX.XXX.XXX.XXX -> XXX.XXX.XXX.XXX (TCP) len=60 id=16128TCP: 50078 -> 18191 .S.... seq=bb411dba ack=00000000[vs_0][fw_1] eth5:I[60]: XXX.XXX.XXX.XXX -> XXX.XXX.XXX.XXX (TCP) len=60 id=16128TCP: 50078 -> 18191 .S.... seq=bb411dba ack=00000000[vs_0][fw_1] eth5:o[60]: XXX.XXX.XXX.XXX -> XXX.XXX.XXX.XXX (TCP) len=60 id=0TCP: 18191 -> 50078 .S..A. seq=d491f51f ack=bb411dbb[vs_0][fw_1] eth5:O[60]: XXX.XXX.XXX.XXX -> XXX.XXX.XXX.XXX (TCP) len=60 id=0And alot more packages that i are not including
Gary_Lai inside SMB Appliances and SMP 2 weeks ago
views 1219 3

Check Point 750 Speed issue

Dear Sir,Model:CP750Blade: Firewall , Application & URL filtering , User Awareness, Remote AccessSubscribed Internet Rate: 500Mbps Download, 100Mbps UploadBut using network speed, the speed is between 30~90MbpsI check if the CPU and memory are normal. Does the CP750 have a similar cpview command to check interface traffic?I suspect that it is not a problem with CP.
Davide_Piccolo inside SMB Appliances and SMP 2 weeks ago
views 1247 6

VPN configuration for locally managed 1400 appliance with LTE USB modem

Hi everyone, I'm in the middle of a test and my final objective is creating a VPN connection between my Central office and a branch office that has a 1400 series applaince that's using a USB LTE modem.Currently I'm using a Huawei E3372 LTE USB stick modem. According to sk92809, I've upgraded my appliance to R77.20.80 version. I'm able to have internet connection, but have no idea how to configure a VPN via DAIP.Is there anything I should change from the modem (NAT, ports) ?Is there documentation?Has anyone experience in this kind of setup?Thanks in advance for your help
Taekyoon-kim inside SMB Appliances and SMP 2 weeks ago
views 1141 3

1430 appliance serial number checking way

HiI want to know how to check the serial number in the appliance CLI and GUI.Appliance is 1430.That version is R77.20.70. Thank you !!
mfhunruh inside SMB Appliances and SMP 2 weeks ago
views 922 1

Route internet traffic through VPN site

Hello!I have a Check Point 1100 Appliance (Site A) and a remote server (not a Check Point) (Site B).I set up a VPN site-to-site (IPsec).How can I make all internet traffic from the Check Point LAN pass through Site B? P. S. I do not have a management server
Tim_McColgan inside SMB Appliances and SMP 3 weeks ago
views 1440 5

SMB 1430 configuration

I am configuring a new 1430 device and during either the First Time config or configuring afterwards - every time I change the LAN networks to a new IP scheme (from the default 192.168.1.x network) I cannot log back into the device from the GUI. However, I can SSH into it. I tried to turn the firewall policy to 'off', I even created a custom rule to allow HTTP access from the LAN networks, but no luck. I am aware that the port needed for https admin access is 4434, I even tried to change that to something else such as 8443. What is occurring, is that if I go to the firewall's new IP address (without including :4434) I get the Chrome error of 'your connection is not secure'. Usually not an issue, I just click 'advanced' and continue to the page. However, it never continues to the firewall login page, just back to the Chrome page of 'your connection is not secure'. If I reset the box to factory, I can get back in just fine on default address. Any help would be appreciated.
Junior inside SMB Appliances and SMP 4 weeks ago
views 485 2

Access to DMZ from internet

Hello all dear. I would like help setting up an internet access to a web server located in a DMZ. I created a manual NAT to forward packets to NAT. but I can not access the server. Here are my rules and here is my schema:Outgoin Traficthank
dwinurm inside SMB Appliances and SMP 4 weeks ago
views 1308 6

checkpoint 1490, user can't get ip from dhcp server on checkpoint

hello everyone, i have vlan on checkpoint for dhcp server access point,but in this section, user can't get ip from dhcp serverand when i'm check in log "no free leases"can everyone help my problem,thanks and regards.
Fernando_Hagels inside SMB Appliances and SMP a month ago
views 624 1

How to check the VPN topology that was generated for managed Gaia Embedded appliances?

Hello all: Is there a way to check the loaded VPN topology for a centrally managed Appliance ? in order to verify:VPN Servers and interfacesSubnets or vpn domains in a few words... the equivalent of sk64040 for the Gaia Embedded appliances. the main reason is for troubleshooting purposes... (very helpfull for me on SMB appliances). thanks in advance for your time and comments.
wisllbfea1eaf-4 inside SMB Appliances and SMP 2019-05-16
views 573 4

Firewall Applicance model 1450 missing the connection.

Hello, gentlemen. We have an SMS with R80.10 and some model 1450 APPLIANCE remote firewalls. Checking the Smart Console on the GATEWAYS & SERVERS tab notices some firewalls with an X in red in the STATUS column and in the USAGE CPU column nothing is displayed. When the firewall stays in this state i can not access the web and not through SSH. When i click on the firewall and then click MONITOR, the CONNECTION WITH FIREWALL IS LOST state is displayed. The firewall resumes communication after a manual reboot. The remote firewall is model 1450 applicance and uses firmware R77.20.80 (990172392). Has anyone gone through this can give a hint?