The Firewalls have been new installed and the next step would be the upgrade to the current version, but we have now this problem.

As i wrote:

all was working, routing, reachability also from outside location  
But after reboot I cant ping anyhting except the default gateway address

Arp entry on the appliance is present for the default GW address

We recommend starting with a fresh install of your desired version off a USB key, rather than starting old and upgrading it. You'll get a cleaner install and better performance, as the file system on the disk will be newer and faster. An in-place upgrade (or clean install through CPUSE) will not upgrade the file system.

https://support.checkpoint.com/results/sk/sk65205

Is there even a JHF on the machine currently?

I agree with Emma, between troubleshooting this (without TAC) and navigating the multi-step upgrade save yourself some time.

Hey there,

thanks for your help.
The Firewall sadly is on the other side of the world, no joke at this point its 12000km away 🙂

I will try to find someone who can manage this upgrade as you suggested.

I will come back if the problem persists after upgrade.

I read all that was said here and Im almost 100% positive the upgrade here may not solve much, specially if the error says what you wrote, network is unreachable. Yes, I agree with both Emma and Chris, version is totally unsupported, but first, before you upgrade, routing should be fixed. Personally, you could be on R55 or R82, if routing is broken, it wont make any difference,

Lets start with basics here...if you run this command from expert mode -> ip r g 8.8.8.8, what do you see? Does it look correct? Also, can you send output of just route command?

Best,

Andy

Hi

[Expert@xxxxxxxxxx:0]# ip r g 8.8.8.8
RTNETLINK answers: Network is unreachable

Kernel IP routing table
Destination     Gateway        Genmask       Flags           Metric Ref Use Iface
aa.xxxxxxx.0           *           255.255.255.252 U 0 0 0                            bond1   <----- Sync Link
bbxxxxxx.0                 *           255.255.255.240 U 0 0 0                            eth2 <----- Uplink
cc.xxxxxx16               *           255.255.255.240 U 0 0 0                            Mgmt <---------- MGMT
ddxxxxxxxx.0               *           255.255.255.0 U 0 0 0                                 eth1 <--------------LAN

the default gateway is not present, also after set route default command

it should look like that, shouldnt it?

Destination  Gateway              Genmask             Flags Metric Ref Use Iface
default         a.b.c.1                     0.0.0.0               UG 0 0 0                    xxxxxxx

so the question is, why the device is losing the defualt route and why i cant configure it again?

Is routed running? Can you check the cluster pnotes?

can you help me with that? 
how can I check this?

cphaprob stat

cphaprob list 

ps aux | grep routed

Ok, maybe silly question, but if you are setting DG via clish, are you running save config to save it?

Andy

1) is the default route ip into same interface's network?

2) are you sure you are not configurin a default route ip assigned to your interface?

Sorry for dumb question 🙂