AnsweredAssumed Answered

R80.20 SIT Tunnel

Question asked by Daniel Collins on Jan 29, 2019
Latest reply on Jan 31, 2019 by Günther W. Albrecht

So I appreciate this is an edge case, but is a feature of Gaia is hampered by standard configuration in R80.20.

 

I have a SIT tunnel in partnerships with HE tunnel provider, for a routed IPv6 subnet. As with R80.20 you cannot permenantly disable SecureXL, yet SecureXL does not work with a SIT tunnel configured on the device.

 

I have to manually disable SecureXL for IPv6 each time the system reboots.


I wanted to know if this is something other people have had an issue with and if Check Point are aware of issues with SIT tunnels + SecureXL in R80.20. I've traditionally always had to disable SecureXL to get this to work.

 

I've tried adding a crontab that disables SecureXL at reboot "@reboot /opt/CPsuite-R80.20/fw1/bin/fwaccel6 off > /dev/null 2>&1" but this doesn't seem to work.

Outcomes