- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Hello,
I have detected several errors after upgrading CP 1530, 1550, 1535 (I have several devices in multiple locations) to the latest version R81.10.10 (996002845).
Error #1 When I try to change the excluded items in Threat Prevention and SSL Inspection (added earlier in firmware R81.10.08 (996001683) I get errors as in the screen attached to the post.
Error #2 is Unable to run SSL exclusion for MAC devices in SSL Inspection I get an error about not pressing the SAVE key. Despite performing this action. Unable to save selected Assets to bypass: macOS
Only a factory reset of version R81.10.10 (996002845) and entering the configuration by hand solved the problem. Restoring from a copy causes the same errors.
Please verify on your devices.
The rulebase issue was already solved - we plan to release a JHF version which includes the fix next week.
I would suggest to open a SR# with CP TAC !
That seems like TAC case to me as well.
Andy
I will open SR# with CP TAC.
The strange thing is that the problem is ascending on every device, not just one.
The devices come from one distributor imported at different times directly from Israel.
I would understand one case but not on every device.
It looks like an obvious error arising during an upgrade from an earlier software version.
Look like some configuration gets corrupted. So it is good if you have a backup of the non-working config...
I have set up an SR# with CP TAC.
I solved the problem on only one device by restoring the factory settings and entering them from scratch by hand.
My private CP1570 is running in the configuration with errors. So I have a copy with a corrupted configuration.
All locally managed?
Yes all devices are managed locally.
Let us know what TAC says. I dont sadly have one myself to test, so cant say for sure why it happens, but sounds like a pretty serious issue.
Andy
I doubt that CP will be able to explain the issue. I had similar experiences with customers, where reconfiguration from scratch after reset did resolve these issues. Using the backup made the issue reoccur...
Hi,
I had the same problem. Locally managed 1550W.
After upgrading from R81.10.08 to R81.10.10. It was not possible to delete or edit SSL inspection exception rules. It was only possible to create new rules.
Solution:
Do not import backups but create everything anew. If there are only a few rules and objects, this can be solved by completely manually creating new rules and objects.
If there are many objects and rules, I recommend to create a request to TAC.
In my case, problem solved by creating a TAC request. TAC created a new build and everything is now trouble free.
I expect there will be more of these cases.
David
Just curious, was it a custom build they gave you?
Andy
Yes, R81.10.10 (996002870)
David
Can you make it available?
Maybe she will solve my problems without the need to restore factory settings and enter all by hand.
I myself am waiting for TAC's answer, they already have it assigned and have received the necessary information from me. It remains to wait.
I understand, but I am not authorized to share this firmware.
I would recommend to urge TAC.
Hey @luk89as , just my personal suggestion. If this is urgent, which it sounds like it would be, just call TAC number, update the case with this thread and tell them you need that image build as soon as possible, so they can provide it.
Best,
Andy
I can add another one to this issue. Its not a super critical box but I cannot edit policy at all, I get the "invalid text" message with any change to policy. I'll watch for a new build for a while.
Invalid text if you try make any change or just add a comment?
any change to the current locally managed policy rules results in the error. New rules add successfully. I have nothing in the comments for any of my existing rules.
Yes, I can confirm, I had the same problem with editing rule comments, among other things. I recommend you to make a request to TAC.
The rulebase issue was already solved - we plan to release a JHF version which includes the fix next week.
Checkpoint technical support provided me with the firmware: R81.10.10 (996002878).
After the update, the problem disappeared and I can edit the TP and SSL exclusion tables without errors.
However, the error of not being able to save the configuration after selecting the "Assets to bypass: macOS" option in SSL exclusions has not been resolved.
I hope they will solve it in the next firmware version.
Hi,
We are planning to fix the macOS issue in our next release.
Thanks,
 
					
				
				
			
		
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count | 
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | 
Wed 22 Oct 2025 @ 11:00 AM (EDT)
Firewall Uptime, Reimagined: How AIOps Simplifies Operations and Prevents OutagesTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewWed 22 Oct 2025 @ 11:00 AM (EDT)
Firewall Uptime, Reimagined: How AIOps Simplifies Operations and Prevents OutagesTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY