CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: Gingerwerewolf

Search: Search took 0.00 seconds.

  1. Replies
    3
    Views
    760

    Re: Resetting the cadmin password

    Thanks for the reply

    Unless you log in as cadmin, you cannot change its password. Because the Cloning Group controls users, then you cannot change any users settings (other than your own),...
  2. Re: Issue with site to site vpn to cisco ASA - HELP

    Something to remember is that Phase 1 and Phase 2 lifetimes on Cisco devices are set "Globally" and that if that Cisco device is running a whole load of VPNs then you have to match those times at the...
  3. Replies
    3
    Views
    760

    Resetting the cadmin password

    Hi all

    I recently took over support of a firewall R77.20 Gaia that I was not given all the passwords for.

    I have the admin and expert password, but sadly none of the passwords I have work for...
  4. Replies
    3
    Views
    1,208

    1400 Series

    Hey guys

    Do you guys happen to know if the 1400 series Firewalls can be purchased to be Active Passive High Availability? Clustered forautomatic failover?

    Im not 100% sure as they appear to be...
  5. Replies
    4
    Views
    1,167

    Old Licence - To New Licence

    Hey all

    I was just wondering if anyone here could confirm if I can do the following:

    We have our management device Check Point Security bundle - including SG407i and SMU003 - and the SMU003 as...
  6. Re: GAIA Netflow statistics per interface / before NAT

    Does anyone have an answer for this? - it seems to me to be a major point for true traffic analysis

    Thanks
  7. Replies
    3
    Views
    1,761

    How to Install

    Please - Ive spent 2 days scouring the website - can someone put me out of my misery and point out the "How to Install Guide"

    How the hell do I get an Endpoint Server up and running? We have a...
  8. Replies
    4
    Views
    1,557

    Re: Quick Question

    More Information:

    downloads.checkpoint.com/dc/download.htm?ID=25040
    Check Point 1100, Appliance, Locally Managed - Administration guide
    P44
    and...
  9. Replies
    4
    Views
    1,557

    Re: Quick Question

    Ah yes! I believe the appropriate answer is TLDR? I jest of course!

    I have seen that and I have allowed it to be administrated from any address, but as you say DMZ isnt under any of those. I...
  10. Re: Management Box, Snapshot Disk space and disk expansion capabilities in VMware

    Thanks for all the replies guys - we took the advice and upgrade exported / upgrade imported. New VM Proper disk space, Happier SMS

    Much appreciated
  11. Replies
    4
    Views
    1,557

    Quick Question

    Hi all

    We have an 1100 series that we have recently installed at a remote site. No Internet connection as of yet, (it will be a DSL Line), but an MPLS Circuit that allows us to reach the site.
    ...
  12. Management Box, Snapshot Disk space and disk expansion capabilities in VMware

    Hey all

    We have a problem - we are trying to upgrade from R77.10 to R77.30. We are running the Management Box on VMware

    We want to take a Snapshot before the Upgrade - however due to a...
  13. Replies
    3
    Views
    1,890

    Re: Round Robin Routing

    Thanks for the Replies guys



    Right, I think Im going to need to contact my MPLS provider and see if they will support this - thanks!



    Sorry - the HSRP in both cases is there for legacy...
  14. Replies
    3
    Views
    1,890

    Round Robin Routing

    Hi all

    Im wondering if it is possible to get a round robin style load balancing like Cisco, but on an internal network.

    This seems to be similar to other posts but their individual requirements...
  15. Re: Disk Space on the SMS Management Box R77.10

    Im on a VM so that may work a treat.

    Ill snapshot and then give it a go on a clone

    Thanks for the link

    I am on 77.10 if that makes a difference
  16. Re: Error message stopping Policy Pushes

    Of note - we fixed the problem

    We deleted the service - port_udp_rtp-video and then pushed policy. The cured the problem
  17. Re: Disk Space on the SMS Management Box R77.10

    Thanks for the advice, thats a good point
  18. Error message stopping Policy Pushes

    Hey guys

    Do you have any idea as to what would cause this and how to fix it?


    Network Security Policy 'EMEA_UK_TF-NP_NOFWCL01' was prepared on Wed Nov 26 17:02:55 2014.

    The following errors...
  19. Disk Space on the SMS Management Box R77.10

    Hey all

    We are running out of space on our management box, is there any advice that you can give out?

    The plan is to rebuild, using upgrade import / upgrade Export - and make sure this time...
  20. Re: Managing a FW behind a 3rd Party Firewall

    Awesome thanks for the quick response.

    I assume that if I need to run a Checkpoint managed Mesh VPN from it, under the Cluster's Object, in the IPSec VPN, Link Selection, I use Statically NATed...
  21. Managing a FW behind a 3rd Party Firewall

    Hi All

    I have already set up several externally managed Checkpoints, NATing the Management box, but never one with another companies Firewall in the way. I am not allowed to have that Firewall...
  22. Replies
    5
    Views
    3,319

    Re: VPN From Checkpoint R75.40 Cluster

    Thanks for your reply

    I have already had that problem with the Subnet mask, and I have already edited and updated the appropriate user.def file (I updated all of them) to include the remote...
  23. Replies
    5
    Views
    3,319

    Re: VPN From Checkpoint R75.40 Cluster

    Copy Paste of Error Messages

    encryption failure: Clear text packet should be encrypted

    service_id: IKE
    encryption fail reason: Packet is dropped because there is no valid SA - please refer to...
  24. Replies
    5
    Views
    3,319

    Re: VPN From Checkpoint R75.40 Cluster

    The usual error on the FW Log - No Valid SA

    The VPN log says Clear Packet expected that should have been encrypted.

    I have no access to the remote firewall, its a Azure one
    ...
  25. Replies
    5
    Views
    3,319

    VPN From Checkpoint R75.40 Cluster

    Hi all - Not sure if this should be under VPN or ClusterXL

    Im getting a weird one, and I cant work out it out from the other end:- I dont have access to their logs

    We have a Cluster, Active...
  26. Re: Fortigate 110C Site to Site VPN - Only One way connectivity!

    Hi Again.

    I now need to do the same for a VPN that contains lots of different subnets. So I need it to use specific IP Ranges for the Encryption domains pretty much as follows

    How do I put in...
  27. Re: Fortigate 110C Site to Site VPN - Only One way connectivity!

    Ok Update

    I have applied the fix as recommended by Shadowpeak.com, and we are up and running. I answered my own question at the end with the peer_gw and thhis is just an IP address of the Remote...
  28. Re: Fortigate 110C Site to Site VPN - Only One way connectivity!

    Thank you so much for the replies guys - Im investigating those changes -

    A quick question though about the user.def.Fiber file:

    On the Link...
  29. Fortigate 110C Site to Site VPN - Only One way connectivity!

    Hey all

    I am having trouble getting a Site to Site based VPN running between my Checkpiont R75.40 (SPLAT) Cluster (HA Mode) and a Fortigate 110C (Ver 4 MR2 Patch 11) cluster.

    My Knowledge of...
  30. Re: 300 Mb not on Inbound or Outbound Rates

    Thanks, though Im feeling a little foolish!

    I cannot believe that I did not try that.

    Much appreciated!
  31. 300 Mb not on Inbound or Outbound Rates

    Hi all

    Long time reader, first time poster :P

    Got a question - we have had our primary internet line upgraded to 300Mb from 100Mb. This line is protected by our Checkpoint firewall.

    We use...
Results 1 to 31 of 31