- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hello,
we have VSX Gateways with R77.30 managed by R80.20. On one VS, acceleration is disabled according to fwaccel stat.
Accelerator Status : on
Accept Templates : disabled by Firewall
disabled from rule #112
Drop Templates : enabled
NAT Templates : disabled by user
However, we see no reason for this in rule 1.112, and even moved this rule. The status did not change, neither did the rule number diabling acceleration. We found sk62323, and the note regarding R80 to add/substract one from the rule number. But the surrounding rules also dont look like they could disable acceleration.
How can we map the Rule number from R80.20 Policy to the gateway?
Regards, Arne
I believe you’ll find the relevant files in the backward compatibility directories for R77 (not in $FWDIR/conf).
To understand, which rule exactly prevents SecureXL from creating Accept Templates:
Open the policy files on Security Management Server / Domain Management Server:
$FWDIR/conf/<Security_Policy_Name>.pf$FWDIR/conf/<Security_Policy_Name>.set(rule-N', where N is the rule number in the output of 'fwaccel stat'. name' of the calculated rule within policy files. name' within your SmartConsole rulebase (might be a completely different number to the calculated number within the policy files).Hello,
there is no $FWDIR/conf/<Security_Policy_Name>.pf File. And the $FWDIR/conf/<Security_Policy_Name>.set was not updated since we upgraded the MDS from R77.30 to R80.20:
-rw-rw-r-- 1 admin root 15528060 Nov 28 12:36 Standard.set
So I guess Policy Compliation changed significantly with R80, not leaving this file any more.
Any other hints or ideas?
Try $FWDIR/state/local/FW1/local.rule
I believe you’ll find the relevant files in the backward compatibility directories for R77 (not in $FWDIR/conf).
Thank you for the reminder. We did indeed find the file under $R77CMPDIR of the CMA, found that rule #112 was indeed rule #1.112. And seeing the full rule, I realized I had hidden the "time" column in my SmartConsole.
There was a time object limiting validity, and removing this re-enabled acceleration.
I'm glad we could help you.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 12 | |
| 12 | |
| 9 | |
| 7 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 3 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY