Dameon Welch-Abernathy

Managing Unsupported Gateways with Check Point R80.10

Discussion created by Dameon Welch-Abernathy Moderator on Aug 9, 2017
Latest reply on Sep 7, 2017 by Valeri Loukine

You may have noticed when creating a new gateway object on an R80.10 management console that you can create a gateway going back to version R70:

 

 

This seems to contradict the R80.10 Release Notes:

 

 

Does managing older gateways work? Turns out, it should, with a couple of caveats:

 

  • If this is a fresh installation of R80.10, or if you've upgraded your Internal CA to a SHA-256 key, the oldest version of Security Gateway that you can manage is R71. This is because older gateway versions do not support SHA-256 certificates for the Internal CA (ICA). Refer to: SHA-1 and SHA-256 certificates in Check Point Internal CA (ICA) 
  • While it may technically work, managing gateway versions prior to R75.20 is still unsupported.

 

At a future date, options for managing these unsupported products will be removed.

Outcomes