- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Hi,community.
Delays in TCP communication occurred.Restarting the firewall resolved the issue.
When I checked with a TCP dump, I found that there was a delay of about 6 seconds.
This is the first time I've encountered an issue like this.
It occurred even when I switched to the standby device.
When I restarted the standby device, the issue did not occur.
If anyone has encountered an issue like this, please let me know how to solve it.
Product version Check Point Gaia R80.20
I know this version is no longer supported.
TCP dump log:
01:08:32.493951 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 1, wi n 229, length 0
01:08:32.495887 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 1, wi n 229, length 0
01:08:32.495922 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 1, wi n 229, length 0
01:08:32.505143 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 1, wi n 229, length 0
01:08:32.708137 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], seq 1:2, ack 1, win 229, length 1
01:08:32.708183 IP sample-03.12345 > XXX.XX.XXX.4.26472: Flags [.], ack 2, wi n 229, length 0
01:08:33.113154 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 1, wi n 229, length 0
01:08:33.924092 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 1, wi n 229, length 0
01:08:35.544168 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 1, wi n 229, length 0
01:08:38.121256 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], seq 1:146 1, ack 1, win 229, length 1460
01:08:38.121305 IP sample-03.12345 > XXX.XX.XXX.4.26472: Flags [.], ack 1461, win 251, options [nop,nop,sack 1 {1:2}], length 0
01:08:38.122037 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [P.], seq 1461 :2313, ack 1, win 229, length 852
01:08:38.122083 IP sample-03.12345 > XXX.XX.XXX.4.26472: Flags [.], ack 2313, win 274, length 0
01:08:38.361060 IP sample-03.12345 > XXX.XX.XXX.4.26472: Flags [P.], seq 1:17 2, ack 2313, win 274, length 171
01:08:38.361132 IP sample-03.12345 > XXX.XX.XXX.4.26472: Flags [F.], seq 172, ack 2313, win 274, length 0
01:08:38.362012 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [.], ack 172, win 237, length 0
01:08:38.362491 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [F.], seq 2313 , ack 173, win 237, length 0
01:08:38.362533 IP sample-03.12345 > XXX.XX.XXX.4.26472: Flags [.], ack 2314, win 274, length 0
01:08:38.362553 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [R.], seq 2314 , ack 173, win 237, length 0
01:08:38.362802 IP XXX.XX.XXX.4.26472 > sample-03.12345: Flags [R], seq 22970 44238, win 0, length 0
Install a more current version!
Can be caused by loads of stuff. What have you done to troubleshoot so we can focus more on a specific item?
Maybe start with a HCP health check and see if we can work from that:
https://support.checkpoint.com/results/sk/sk171436
Personally, I would upgrade to least supported version, which is currently R81 base, though I would go with R81.20, if possible.
Andy
Maybe with output of the Super Seven commands, we can provide some guidance: https://community.checkpoint.com/t5/Scripts/S7PAC-Super-Seven-Performance-Assessment-Commands/m-p/40...
However, I strongly suggest upgrading to a supported release.
From everyone,
Thank you very much for your many answers.
After contacting CheckPoint support, I learned that the problem was the monitored process.
Apply jumbo hotfix.
Take 203
ID:PRJ-28793,PRHF-18683
Product:Gaia OS
Description:In a rare scenario, a memory leak may occur in the monitord process.
Take 187
ID:PRJ-6170,PRJ-16475,PRHF-6118
Product:Gaia OS
Description:In some scenarios, the monitord process may consume high CPU. Refer to sk163614.
Install a more current version!
Can be caused by loads of stuff. What have you done to troubleshoot so we can focus more on a specific item?
Maybe start with a HCP health check and see if we can work from that:
https://support.checkpoint.com/results/sk/sk171436
Personally, I would upgrade to least supported version, which is currently R81 base, though I would go with R81.20, if possible.
Andy
Maybe with output of the Super Seven commands, we can provide some guidance: https://community.checkpoint.com/t5/Scripts/S7PAC-Super-Seven-Performance-Assessment-Commands/m-p/40...
However, I strongly suggest upgrading to a supported release.
Thank you for your reply.
I would like to upgrade the firmware too.
However, I don't have a test environment. Also, I'm using it on a delicate system, so I can't just casually upgrade it.
But now that I know that an upgrade is necessary, I would like to suggest that I upgrade my customer.
From everyone,
Thank you very much for your many answers.
After contacting CheckPoint support, I learned that the problem was the monitored process.
Apply jumbo hotfix.
Take 203
ID:PRJ-28793,PRHF-18683
Product:Gaia OS
Description:In a rare scenario, a memory leak may occur in the monitord process.
Take 187
ID:PRJ-6170,PRJ-16475,PRHF-6118
Product:Gaia OS
Description:In some scenarios, the monitord process may consume high CPU. Refer to sk163614.
Excellent!
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
User | Count |
---|---|
22 | |
17 | |
12 | |
10 | |
9 | |
8 | |
7 | |
7 | |
7 | |
5 |
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 02:00 PM (EDT)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - AMERAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY