You may have noticed when creating a new gateway object on an R80.10 management console that you can create a gateway going back to version R70:
This seems to contradict the R80.10 Release Notes:
Does managing older gateways work? Turns out, it should, with a couple of caveats:
- If this is a fresh installation of R80.10, or if you've upgraded your Internal CA to a SHA-256 key, the oldest version of Security Gateway that you can manage is R71. This is because older gateway versions do not support SHA-256 certificates for the Internal CA (ICA). Refer to: SHA-1 and SHA-256 certificates in Check Point Internal CA (ICA)
- While it may technically work, managing gateway versions prior to R75.20 is still unsupported.
At a future date, options for managing these unsupported products will be removed.