Dameon Welch Abernathy

Managing Unsupported Gateways with Check Point R80.10

Discussion created by Dameon Welch Abernathy Employee on Aug 9, 2017
Latest reply on Sep 7, 2017 by Valeri Loukine

You may have noticed when creating a new gateway object on an R80.10 management console that you can create a gateway going back to version R70:

 

 

This seems to contradict the R80.10 Release Notes:

 

 

Does managing older gateways work? Turns out, it should, with a couple of caveats:

 

  • If this is a fresh installation of R80.10, or if you've upgraded your Internal CA to a SHA-256 key, the oldest version of Security Gateway that you can manage is R71. This is because older gateway versions do not support SHA-256 certificates for the Internal CA (ICA). Refer to: SHA-1 and SHA-256 certificates in Check Point Internal CA (ICA) 
  • While it may technically work, managing gateway versions prior to R75.20 is still unsupported.

 

At a future date, options for managing these unsupported products will be removed.

Outcomes