This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
Legend Legend
Legend
‎2018-11-06 06:03 AM
In response to Sanjay_S

Lots of speculation here, but let's cut through it.  Please provide outputs from following commands:

fwaccel stat
fwaccel stats -s
grep -c ^processor /proc/cpuinfo
/sbin/cpuinfo
fw ctl affinity -l -r
sim affinity -l
netstat -ni
fw ctl multik stat
cpstat os -f multi_cpu -o 1
free -m
enabled_blades

You mentioned initially that you have URLF enabled but not APCL; you almost certainly need to optimize your URLF policy to keep LAN-speed traffic from getting inappropriately inspected in PXL.  See my post here:

https://community.checkpoint.com/message/28972-re-layers-and-the-cleanup-rule?commentID=28972#commen... 

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm
(1)
Who rated this post