Thanks for the support, but I need change remote peer address on star community and not the PSK. 
Changing the remote IP address does not create impacts right? 
Sorry for asking all these questions, but in the next few days I have to do this activity that impacts production and I am very concerned 🥶

After changing, and clicking OK I got message:

What am I misssing?

Is there any kb for this. I am not sure to test and play with this in prodiction time and equipment.
Why is this so complicated?

question - why do you not just change peer ip on interoperable device object in SmartConsole? After doing this, you will have to install policy to apply the settings to the gateway(s)

(until policy has been installed to device, the gateways are using their current settings)

I am trying to to exacly that.

networok object -> interoperable device 

right click on that interoperable device ->edit

change Name to new store Name
change IPv4 to new IPv4 address.
click OK

and then, that abowe error apear...

Hey @freeman91 , maybe I missed it, but what is the error that appears?

Andy

I just changed IP address to new one and name of the store.

R81.10 gw

R81.20 mgm server

Never had that issue myself...maybe try deleting it and creating new one?

a bit stupid question. I need just to create new interoperable device and assign it in existing VPN Community like old one?

Yes, BUT...to be 100% sure there wont be any conflicts, personally, I would try delete one with the issue from guidbedit first, install policy and to that.

Andy

I tried with other interoperable device, and this time I just changed one letter in the name, and result is the same. Can this be some bug or something?

I dont think so, I did that so many times, never had an issue. I really cant say why you keep getting that, would need to see it for myself.

Andy

If you are allowed to do remote, I have 30 mins before I start my day, so we can definitely check, let me know.

Andy

Thank you for your willingness. It is not up to me to this time.

I am kind of people that will search over the internet, twice, before let someone to do a job insted of me.

Dont look at it like that, my motto is we should all work as a team to help one another, thats it. 

Anyway, lets just recap briefly:

1) you get same error with new interoperable object?

2) Did you try delete forst one via guidbedit and install policy?

3) if yes to 2, does same issue remain?

4) If no to 2, any different warning?

Andy

Also, FWIW, make sure that maybe another session has not "locked" the object, if you see a lock sign on it, just navigate to what I attached and you can right click on the session if lock shows any digit other than zero and take over or discare and then try again.

Andy

1) you get same error with new interoperable object?

No. I have like 20 Interoperable object, and I tried to change just a name on other one, also in production. So no IP address is changed, just name from "SiteBtest" to "SiteBtes". And I get the exacly same error like for the first Interoperable object 

2) Did you try delete forst one via guidbedit and install policy?

No, I have to explore this guidbedit a bit more bc I see it has no Discard option and I have not enough expiriance to play with it.

3) if yes to 2, does same issue remain?

4) If no to 2, any different warning?

G_W_Albrecht just posted this SK. Looks promising 🙂

https://support.checkpoint.com/results/sk/sk182598

Agree! Just looked over it and it may fix the issue, I see its only few months old.

Andy

when you have the pre shared key - another way to do this.

This has shown first at one of our customers when he tried to change or just open old interoperable devices and lead to the following SK:

sk182598: Unable to update a Security Gateway object or interoperable device

This KB works only until step 15.

15. In the Traditional mode IKE properties window, clear the options you selected earlier in the sections "Support key exchange encryption with", "Support data integrity with", "Support authentication methods".

because, when I clear all checkbox that I checked minute ago, it says that I have to check integrity and encryption check box, and I can not leave it blank.

I will explore second method with guiDBedit Tool

I honestly feel thats your best option.

Andy

I have found way it say the value is 0, bc it is. 

KB says

5. In the lower pane, right-click the field isakmp.phase1_DH_groups > select Reset

This is a bit expert level of tshooting. I am not sure what Reset is going to do?
Do you have expirience with it?

Never done it myself, I would confirm with TAC.

Andy

I would highly appreciate that!

I meant YOU would need to open a case and confirm lol

Andy