Hey guys,
Hope someone might be able to chime in on this and let me know what I'm missing. Not sure if it's a bug with latest R81.20 jumbo, but based on my tests and logic, does not appear to be and here is my reasoning.
So I have a couple of labs in eve-ng (it's FANTASTIC and no, they did not sponsor me or pay me to say this, they probably never even heard of me lol) and this is the case at the moment:
Lab 1 (with the issue) Btw, everything in both labs is on R81.20 jumbo 38
mgmt server managing cluster, another single gw and smart event
Lab 2 - no issues at all. It's a standalone device managing another single firewall, EXACT same TP policy
So what happens is that regular access network policy works fine, but TP policy gives below errors and I literally applied all SKs I could find in KB, rebooted everything probably 3-4 times (at least), ran cpm script, checked cpm.elg file, but nothing really stands out.
I also attempted all the different TP profiles, but as soon as I disable IPS blade on both gateways, no issues at all. To add, policy was not changed since last week and verification works fine. Current threat prevention profile has IPS and AV on, but even with just ips, issue is exactly the same. I also tried disabling accelerated policy install, no joy.
If anyone has any ideas/suggestions, would be appreciated, of course.
And remember...ALWAYS be kind to one another!
Best regards,
Andy
@MatanYanay and all the guys from R&D who did remote with me, thank you very much, I'm very grateful you took the time to even consider that, specially given the fact this is just my lab environment. I'm fairly sure at this point this had nothing to do with latest jumbo, because I reinstalled the management and reconnected both cluster and single gw to it and all is fine now, even when using p2p peer sharing category.
Thanks again and please extend my best wishes to everyone who was on remote session.
Best regards,
Andy
Even tried steps below, same issue...
Another quick update...also uninstalled take 38 completely, rebooted mgmt, tried, same issue...reinstalled latest jumbo, no luck. Ran ./policy_debug.sh script from $FWDIR/scripts dir, will review tomorrow. Very strange problem indeed...
Andy
Thanks mate, really appreciate it. I will respond to emails by Tal.
Hope you are well and safe.
Andy
By the way, I will have remote tomorrow at 2 pm IL time (7 am EST). Your colleague Ofer was nice enough to accommodate that. I'm still going through policy debug I generated yesterday.
Kind regards,
Andy
Further testing I had done today...just to see if it would make a difference, I deleted single gw from dashboard, created new object with same settings, but now, though I enabled IPS blade, it does not even show it's enabled from ips stat command on the expert mode. To me, logically, that clearly would indicate this is mgmt problem, NOT the fw.
I could be mistaken, but just my logical thinking...
Andy
Thanks very much @Tal_Paz-Fridman for arranging a call with your colleagues from R&D for this issue, I'm very grateful mate. So, to summarize, Daniel from R&D ran a debug on my affected lab mgmt server and saw that apparently something was missing with p2p file sharing object, which was used in the policy, but even after deleting it, same problem was there. He noticed that object was intact in the database of my R81.20 jhf 38 standalone device, so they will try to reproduce it in their lab.
By the way, I will copy everything from working standalone device from dir $FWDIR/database onto my mgmt that's "broken" and reboot and see what happens.
Thanks again guys, it really means a lot you are willing to even do remote considering this is just a lab.
So, I would say, if anyone is thinking of installing jumbo 38, maybe don't do it yet, until they verify all this first.
I'm very appreciative and PLEASE be safe 🙌
Andy
So....is there anything else from R&D or TAC on issues with this Take version that hasn't been reported?
I have a management still on Take 10 right now that I have been pushing to upgrade with my MSP. Was going to go with Take 26 but with some of the bugs there (particularly the cloud vsec license issues), we held off.
Every GW is on R81.10 so just focusing on patching Smart-1 here
Nothing else reported that I know of or that they mentioned on the call.
Andy