CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: Porter

Page 1 of 2 1 2

Search: Search took 0.00 seconds.

  1. Replies
    1
    Views
    2,089

    Re: Problem getting gateway data in smartupdate

    make sure that "CPRID" connections between mgmt server and gateways are allowed - check your logs and see if connection is allowed or dropped
  2. Replies
    2
    Views
    2,602

    Re: Redundancy and policy based routing

    maybe this helps you:

    http://www.cpug.org/forums/isp-redundancy/2952-force-one-isp-isp-redundancy.html

    wrote it some years ago
  3. Re: Endpoint Security E75.10 client constantly disconnects

    first impressions are good - waiting for final user confirmation
  4. Re: Endpoint Security E75.10 client constantly disconnects

    recieved a fixed version of the client
  5. Re: Endpoint Security E75.10 client constantly disconnects

    also suffering with this issue. tried several things - no improvement at the moment. Case open at CP - they are refering to sk mentioned above but I don't believe it will help

    is your OM network...
  6. Re: Endpoint Security E75.10 client constantly disconnects

    have you secure xl active? if so look for sk60200
  7. Re: Multiple Endpoint Connect errors with multiple clients

    which version of cpclean did you use?
  8. Replies
    4
    Views
    2,503

    Re: Mail, Calender / Mobile Access Blade / Iphone

    fixed -> close please!
  9. Replies
    4
    Views
    2,503

    Re: Mail, Calender / Mobile Access Blade / Iphone

    Traveler is already in use, tried to use it with the Webmail application in the Mobile Access tab. Created like described in the R71 SSL/VPN guide. Application is available, can be selected on the...
  10. Replies
    4
    Views
    2,503

    Mail, Calender / Mobile Access Blade / Iphone

    Currently supported for ActiveSync is only MS Exchange, does anyone know how to make it with Lotus Notes? Possible somehow?

    Thanks in advance!
  11. Thread: Project Gaia

    by Porter
    Replies
    82
    Views
    27,428

    Re: Project Gaia

    heard the same about two weeks ago from CP itself
  12. Replies
    2
    Views
    1,536

    Re: R75 Client to R71.20 Gateway

    great, thank you! Already heard that R71.30 will come soon, instead of R75 which will be GA earliest 30.12.2010 :D
  13. Replies
    2
    Views
    1,536

    R75 Client to R71.20 Gateway

    Does anyone know when it be possible? Release for fix etc. From my understanding currently only working up to R70.40.

    Thanks!
  14. Thread: R75 Releasedate

    by Porter
    Replies
    6
    Views
    2,607

    Re: R75 Releasedate

    Thanks chillyjim!
  15. Thread: R75 Releasedate

    by Porter
    Replies
    6
    Views
    2,607

    Re: R75 Releasedate

    You're wrong Barry, you know what I was looking for.
  16. Thread: R75 Releasedate

    by Porter
    Replies
    6
    Views
    2,607

    R75 Releasedate

    Does anyone know when it's GA?

    Thanks!
  17. Replies
    3
    Views
    1,524

    Re: SecureConnect App - Ipone

    I did, thank you!
  18. Replies
    3
    Views
    1,524

    SecureConnect App - Iphone

    I'm not aware in detail but it seems that CP changed their website regarding Iphone:

    SecureConnect for iPhone and iPad | Check Point Software

    Iconn infos removed and added new content...
  19. Thread: Mime Types?

    by Porter
    Replies
    1
    Views
    1,249

    Re: Mime Types?

    already tried by myself, will maybe work with $FWDIR/conf/file_types.C
    anyone who can confirm or wrong direction?
  20. Thread: Mime Types?

    by Porter
    Replies
    1
    Views
    1,249

    Mime Types?

    Hi all,

    is there a way to define (own) mime-types which should be blocked via UFP?

    Thanks!
  21. Replies
    10
    Views
    1,613

    Re: VPN refuses to connect at times

    We also tried several workarounds like reboot, or repairing the installation. In most cases we had to use the cleanup utility an reinstall the client, afterwards everything was working again, client...
  22. Replies
    10
    Views
    1,613

    Re: VPN refuses to connect at times

    in most cases something was broken somehow on the client, no packets were arriving at the gw
  23. Replies
    10
    Views
    1,613

    Re: VPN refuses to connect at times

    we also had such issues, do you see something in the log?
  24. Replies
    157
    Views
    49,517

    Re: R70 multi-core license part II

    this is what I don't get
  25. Replies
    27
    Views
    4,418

    Re: Installing HFA_50 and it is F'ing up my box

    did the upgrade some days ago without having any issues, works fine for me
  26. Re: Bringing up new ISP link, but need to keep app on old link

    about source routing with splat, I've written a howto some time ago:

    http://www.cpug.org/forums/isp-redundancy/2952-force-one-isp-isp-redundancy.html
  27. Replies
    9
    Views
    2,637

    Re: Any Good Noob Books for Checkpoint UTM-1?

    yes I do, coming from ;-)
  28. Replies
    9
    Views
    2,637

    Re: Any Good Noob Books for Checkpoint UTM-1?

    best one ever read:

    Das Buch zu 'Check Point NGX'

    1292 pages but only available in German

    Author also written a book about 4.1, NG and now NGX!
  29. Thread: R65 und UTM-1

    by Porter
    Replies
    11
    Views
    3,452

    Re: R65 und UTM-1

    Diasble NAT inside the Community dürfte das einfachste sein
  30. Thread: R65 und UTM-1

    by Porter
    Replies
    11
    Views
    3,452

    Re: R65 und UTM-1

    hatte die Tage gleichen Issue, habs' hin bekommen, falls Info benötigt einfach melden
  31. Replies
    2
    Views
    1,937

    Re: Nodes mit DNS-Namen anstatt IP-Adresse

    war da auch schonmal dran aber hab's dann verworfen, wenn überhaupt dann mit dynamic objects, am besten doku darüber wälzen
  32. Replies
    2
    Views
    2,369

    Re: Success stories with ISP redundancy

    jap, succesfully since about two years but our links are both the same, implemented source routing for some custom tasks, more information posted here:...
  33. Replies
    17
    Views
    4,557

    Re: HELP! - SPLAT installation

    if you have the correct cd boot it on that machine where you want have splat installed, keep in mind that existing data will be completely erased, no dual boot or so possible, only splat "allowed" on...
  34. Replies
    12
    Views
    7,155

    Re: SPLAT R65 on 2.6 kernel now available

    waiting for hfa2/3 :/
  35. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    you're right! typicall CP behavior of the last time...can't understand why they work in this manner
  36. Replies
    3
    Views
    1,631

    Re: How do you monitor your edge devices

    if Smonitor is open you'll see imediatley if a device is up or not
    maybe you can do something with the custom alert commands which are configured in global properties/dashboard...I have no clue if...
  37. Replies
    12
    Views
    3,099

    Re: Max 4096 MB Memory

    very funny....I'm not here to kidding
  38. Replies
    3
    Views
    1,631

    Re: How do you monitor your edge devices

    I always use smartviemonitor to check my CP devices
  39. Replies
    12
    Views
    3,099

    Re: Max 4096 MB Memory

    thanks melipla :)
  40. Replies
    12
    Views
    3,099

    Re: Max 4096 MB Memory

    thanks for reply guys but the question ist not why I have more than 4 gb, the question is why is the information about the system not correctly displayed.
    I already talked to some guys which are...
  41. Replies
    12
    Views
    3,099

    Re: Max 4096 MB Memory

    R65 hfa2 ;)
  42. Replies
    12
    Views
    3,099

    Re: Max 4096 MB Memory

    thanks for reply, I already check this with CP, max 64 GB
  43. Replies
    12
    Views
    3,099

    Max 4096 MB Memory

    Anyone ever seen this? Installed e.g. 16 gb memory, SMonitor shows only 4 gb installed, also if more than 4 gb in use, SMonitor shows that exactly 4 gb are in use....SCenter runs on splat, command...
  44. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    did a test in the lab, issues still exists, only difference is the error message itself
  45. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    CP mentioned that the installation issue of the edges could be resolved if Smartdefense will be updated. I already have the 7.5.33 in use so I won't be able to find out if that will work, someone...
  46. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    other question about the dynamic ips with edges...is there a open issue?

    thanks again!
  47. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    received it in the meantime and I'm able to install on the edges again...puhh
  48. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    your screen looks great but I don't have the mail about 7.5.33 from CP/Sofaware anymore to login and get the EA stuff
  49. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    thanks for feedback gentlemen!

    After the issue appeared the first time I downgraded to 7.0.48 with the same result. Boxes running on 7.0.45...can't find the 7.5.33 libsw for download? Gone in the...
  50. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    Part2:
    device_name N/A Advanced Security from file /opt/CPEdgecmp-R65/tmp/device_name.pf, line 6735:
    device_name N/A Advanced Security #include "fwui_head.def"
    device_name N/A Advanced...
  51. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    Part1:
    Installation Targets Version Policy Type Details
    device_name N/A Advanced Security Info: VPN-1 Embedded Connector 7.0.1.2 starting
    device_name N/A Advanced Security Info: VPN-1 Embedded...
  52. Thread: Core XL

    by Porter
    Replies
    4
    Views
    3,024

    Re: Core XL

    thanks for you feedback! Currently I do not have any throughput needs or problems, I'm curious about how it works with dual or quad cores
  53. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    haveing problems to install policies on edges since hfa2....anyone else who can confirm that? thanks...
  54. Thread: Core XL

    by Porter
    Replies
    4
    Views
    3,024

    Core XL

    Does anyone know when Core XL will be available for splat? I was wondering if it will be in the next major release or just a rpm or something that can be installed additionally. I heard that it is...
  55. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    installation went smoothly, no problems so far
  56. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    you're right but I never saw that CP released a further fix in such a small time frame
  57. Replies
    56
    Views
    12,839

    Re: R65 HFA02 released

    what tha hell?
  58. Replies
    23
    Views
    6,217

    Re: R65 HFA01 released

    and finally did the update on several productive splats without any issues
  59. Replies
    23
    Views
    6,217

    Re: R65 HFA01 released

    also did it on a splat enforcement point without any issues
  60. Replies
    23
    Views
    6,217

    Re: R65 HFA01 released

    I did the update in a test environment -> splat smartcenter, everthing went fine, no issues or problems
  61. Thread: R65 HFA01?

    by Porter
    Replies
    2
    Views
    1,803

    Re: R65 HFA01?

    it's public, I just downloaded it
  62. Replies
    8
    Views
    2,219

    Re: Edge with SMARTCenter HA

    it's not public yet, I guess it will be in the next days...hopefully
  63. Replies
    8
    Views
    2,219

    Re: Edge with SMARTCenter HA

    I also read that but how does it works? :) What happens if the smartcenter is on a different ip range from a different isp?
  64. Thread: uptime

    by Porter
    Replies
    3
    Views
    1,810

    Re: uptime

    thanks Barry! I saw it while activating this new gateway, it was just fun :)
  65. Thread: uptime

    by Porter
    Replies
    3
    Views
    1,810

    uptime

    I love my gateways ;)
  66. Replies
    3
    Views
    4,494

    Re: ISP Redundancy and routed public networks

    That's what I hopeing since R55, just recieved a fix from CP these days for ISP Red.
  67. Thread: R65 HFA01?

    by Porter
    Replies
    2
    Views
    1,803

    R65 HFA01?

    Does anyone know when HFA01 for R65 will available? And what will be fixed with it? :-)
  68. Replies
    7
    Views
    5,089

    Re: Force one ISP with ISP REDUNDANCY

    in your case use the public adress of the gw instead of 10.0.0.10 for routing, never tried but should work
  69. Thread: Load balancing

    by Porter
    Replies
    1
    Views
    2,176

    Re: Load balancing

    maybe sourcerouting could help you:

    http://www.cpug.org/forums/showthread.php?t=2952
  70. Replies
    7
    Views
    2,351

    Re: ClusterXL WAN Syncronization

    sry, can't provide you with further information about the stuff
  71. Replies
    7
    Views
    2,351

    Re: ClusterXL WAN Syncronization

    you're welcome!
    2 clusters with 2 members each, currently about 80 interfaces at all..throughput I have to check first, let you know then
  72. Replies
    7
    Views
    2,351

    Re: ClusterXL WAN Syncronization

    http://www.cpug.org/forums/showpost.php?p=8613&postcount=2
  73. Replies
    1
    Views
    2,425

    Re: ISP Redundancy ?

    recommend to use two same links but it will also works with a t1 as first external and a dial up or dsl as second external, if configured primary/backup it will switch if the t1 goes down
  74. Replies
    1
    Views
    2,556

    Re: ISP Redundancy Explained???

    don't know how it exactly works, you can see your outgoing session switched between the two links in the log

    there are two ways I know, you can point SOA to the both external interfaces of your...
  75. Thread: ISP Redundacy

    by Porter
    Replies
    1
    Views
    2,174

    Re: ISP Redundacy

    ISP RED. docs are inside Firewall and Smartdefense paper, chapter 5, starts on page 101 (R60)

    it works very well, best effort will be with loadsharing for in and out with dns proxy (if needed) and...
  76. Replies
    2
    Views
    1,857

    Re: Any S-box users here?

    which Sbox modell ur using? home,105,110,200,500?

    only reboot beause of too much traffic I saw was with home and firmware 5.0.94s
  77. Replies
    1
    Views
    1,491

    Re: SecureClient popups

    you can try to use the "suspend popup messages", right klick on tray icon from secureclinet -> tools -> Suspend popup messages

    maybe that helps?
  78. Replies
    39
    Views
    17,435

    Re: database revision control problem

    hm...we had about 200, looks like a different problem
  79. Replies
    2
    Views
    1,848

    Re: What is flash-based nokia firewall

    check out the comparison matrix, there you can see which models are flashed based and which not
    ...
  80. Replies
    39
    Views
    17,435

    Re: database revision control problem

    how many revisions do you already have? we run into problems after we had lots of them, CP recommended to delete some of them, problem was gone afterwards
  81. Replies
    18
    Views
    5,098

    Re: Vista client, EA closed?

    does the Vista client also run on Xp?
  82. Replies
    1
    Views
    2,024

    Re: Static Routing Question

    depends on your setup, e.g. if the def gw of your network is the gw itself and you have internal networks that are behind other routers somewhere inside you would have to route those networks to...
  83. Replies
    2
    Views
    1,481

    Re: Dsl and checkpoint

    do you see the requests are dropped in the log?
  84. Replies
    7
    Views
    2,491

    Re: No Valid License for Firewall-1 module

    had the same issue yesterday, 2 lics in one file, smartupdate grabed only one part of it...grrr, created a new file with second part in it and worked ^^
  85. Re: Configuring Windows Server 2003 as SecuRemote client

    pls get more into the details, what erros do you get? Copy the log from event viewer and post it here.
  86. Replies
    3
    Views
    2,580

    Re: DHCP through PPPoE - VPN problem

    which firmware does the Edge use?
  87. Thread: R60 vs R62

    by Porter
    Replies
    17
    Views
    6,158

    Re: R60 vs R62

    download the package from CP Usercenter: https://usercenter.checkpoint.com
  88. Thread: R60 vs R62

    by Porter
    Replies
    17
    Views
    6,158

    Re: R60 vs R62

    I see, thanks!
  89. Thread: R60 vs R62

    by Porter
    Replies
    17
    Views
    6,158

    Re: R60 vs R62

    I'm currently thinking of upgrading from R60 HF04 to R62, I rebuilt the entire environment at the lab and went successfully through the "full connectivity" upgrade. I also heard from CP that R62 is...
  90. Re: Disable port opened on CP NGX.....security server

    rlogin, secure ftp server are not started by default, only when you have rules where you're using resources somewhere in your ruleset
  91. Replies
    3
    Views
    4,553

    Re: VPN-1 vs Safe@Office

    just create a user, select encryption, klick edit and enter under authentication tab the password, use this password and user to download the topo
  92. Re: Managing VPN without VPN-1 Pro/Express Control Connections

    I always run into problems when I disable the implied rules with current releases, in the past e.g. V4.1 or NG it was fine when creating the rules manually that are needed
  93. Replies
    3
    Views
    4,553

    Re: VPN-1 vs Safe@Office

    Hi!



    what du you mean you cant find it? In the smartcenter when creating the object? If you your using a sbox as peer you have to create a interoperable device



    if downloading the...
  94. Re: Disable port opened on CP NGX.....security server

    even better:

    edit fwauthd.conf in $FWDIR/conf, locate the ports you want to remove e.g. 259 and remove the entire line, run cpstop, cpstart and service is gone
  95. Re: Disable port opened on CP NGX.....security server

    just create a rule that disallows to connect to those service(s) e.g. telnet auth

    sourcy:any dest:gw service:FW1_clntauth_telnet action drop

    set the rule(s) at the top of your ruleset
  96. Replies
    8
    Views
    6,306

    Re: Eventia Reporting

    have you installed the plugin for eventia on the smartcenter?

    have you selected the right CP products for the node?

    and of course the sic between the node and smartcenter is established?

    if...
  97. Re: VPN tunnel periodically goes down between Checkpoint R55 and VPN 1 edge device

    to be honest I don't know what's going on tunnel, to your last question...maybe the R55 still has the old ip in use after the edge already got a new one from the isp, try to use the new firmware...
  98. Replies
    2
    Views
    1,530

    Re: DNS based site to site VPN ??

    as far as I know names are not working, anyone has other infos?
  99. Replies
    8
    Views
    6,306

    Re: Eventia Reporting

    how is Eventia installed? As standalone with plugin on the smartcenter or fully installed on the smartcenter?
  100. Re: VPN tunnel periodically goes down between Checkpoint R55 and VPN 1 edge device

    have you already tried the current firmware with your setup? 6.5.43
    as far as I know it doesn't make any difference to keep the tunnel up with static or dynamic address...I would try to use the...
Results 1 to 100 of 194
Page 1 of 2 1 2