This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
G_W_Albrecht
Legend
Legend
‎2022-03-02 04:21 AM
Jump to solution

R81.10 cipher_util issue

cipher_util does no longer work for multiportal in R81.10, look for yourself:

- start cipher_util

- display multiportal cipher list

- disable one cipher

- display cipher list shows the cipher as disabled

- quit cipher_util and type y save:

Would you like to save configuration? [y/N] y

Successfuly reconfigured 

Exiting cipher tool...

- start cipher_util

- display multiportal cipher list

---> you will see that nothing was changed and cipher_util has not saved the changes !

CCSE CCTE CCSM SMB Specialist
1 Solution

Accepted Solutions
matangi
Employee
Employee
‎2022-03-03 05:11 AM
In response to G_W_Albrecht
Jump to solution

Hi @G_W_Albrecht 
Yes, issue is present in R80.40 and higher releases

We created a new SK for that matter, see https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&so...

Thanks,
Matan

View solution in original post

8 Replies
matangi
Employee
Employee
‎2022-03-02 07:44 AM
Jump to solution

Hi @G_W_Albrecht 

Thank you for raising this issue

We are aware of this issue and working on a fix, will be released in R81.20 once the tests are completed successfully

  • cipher_util tool works as expected for HTTPS Inspection
  • A valid Workaround of changing ciphers for Multi-portal is to install policy by running "fw fetch local" on the Gateway right after "save configuration" step

Thanks,
Matan

0 Kudos
G_W_Albrecht
Legend
Legend
‎2022-03-02 09:06 AM
In response to matangi
Jump to solution

Replicated issue and workaround on R81.10 and R80.40 GWs. Is there an SK for this issue already ?

CCSE CCTE CCSM SMB Specialist
0 Kudos
G_W_Albrecht
Legend
Legend
‎2022-03-03 04:40 AM
In response to G_W_Albrecht
Jump to solution

Is it correct that this issue also is present in R81 @matangi ?

CCSE CCTE CCSM SMB Specialist
0 Kudos
matangi
Employee
Employee
‎2022-03-03 05:11 AM
In response to G_W_Albrecht
Jump to solution

Hi @G_W_Albrecht 
Yes, issue is present in R80.40 and higher releases

We created a new SK for that matter, see https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&so...

Thanks,
Matan

the_rock
Legend
Legend
‎2022-03-03 06:35 AM
In response to matangi
Jump to solution

Good job! Just tested with that sk and worked like a charm.

chuck
Explorer
‎2022-11-17 10:29 AM
In response to matangi
Jump to solution

Hi @matangi 

Got the same problem in our upgrade from R80.30 to R81.10.

We tried the workaround in sk178165, does not seem to work.

The only difference from the workaround is that after "Multi Portal" a got to select "TLS 1.2 Ciphers"

Thanks 

 

 

0 Kudos
matangi
Employee
Employee
‎2022-11-20 01:29 AM
In response to chuck
Jump to solution

Thanks @chuck 
In case the problem persists, Please open a service request to Check Point Support

the_rock
Legend
Legend
‎2022-03-03 06:30 AM
Jump to solution

Indeed...tested on R80.40 and above, same issue. On R80.30, works fine.

Andy