CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: borek

Search: Search took 0.00 seconds.

  1. Replies
    0
    Views
    1,695

    Correct way how to upgrade UTM-1 ClusterXL

    Hello,

    i need to upgrade two R65 UTM-1 in a cluster and since I don't have two spare appliances, i'd like to verify the process..

    I can afford a maintenance window with a downtime allowed,...
  2. Replies
    5
    Views
    3,249

    Re: Testing the UTM-1 R7x Appliance Image

    I found this a while ago, this could help:
  3. WAN encrypted, WAN2 unencrypted same remote network and VTI

    Hello,

    a company has a remote branch. At the moment there is a leased line and Internet line that end in VPN-1 Edge. On the other side the company's main FW is NGX R65 SPLAT.

    Now via the static...
  4. Replies
    3
    Views
    2,566

    Re: Integrity Password Lost

    Felix, thanks for the hint, it was very useful!
  5. Replies
    3
    Views
    12,832

    Re: Exam Pointsec 156-706

    Does anyone have any information about this cert?

    I'd be very appreciated!

    borek
  6. Re: 'Policy Server Down' after RX61 to RX65 Upgrade

    Has anyone found out what actually means the line? :

    ndb_open : mmap failed for /opt/CPfw1-R55/database/SC.NDB: Cannot allocate memory

    Thanks.

    Borek
  7. Replies
    4
    Views
    3,324

    Re: Radius IAS, MS CA and MS AD authentication

    Hi Thorpuse, sorry for not coming back to you earlier.

    Anyway after i spoke with the CheckPoint there is no way how to use two authentication methods at the same time. It has to be either PKI or...
  8. Replies
    4
    Views
    3,324

    Re: Radius IAS, MS CA and MS AD authentication

    My goal is to achieve this:

    - the MS CA issues a user certificate
    - the user uses this certificate on the smartcard (usb token)
    - gateway authenticates the user with this certificate against...
  9. Replies
    4
    Views
    3,324

    Radius IAS, MS CA and MS AD authentication

    Hello,

    for a long time i've been trying to get working SecureClient authentication (as part of Endpoint Security) through third party PKI - Microsoft CA, MS AD and MS IAS as RADIUS server.

    At...
  10. Replies
    4
    Views
    2,770

    Re: Smart Card Authentication Issues

    Thanks for the info, soon i will be implementing Endpoint Secure Access and probably MS CA certificates on USB tokens.

    This could help.

    Please share with us the results of the lab testing.
    ...
  11. Replies
    40
    Views
    14,371

    Re: Another urgent help!!!

    Once i had problem with establishing SIC. It was caused by the not running (seg faulting) cpd daemon.

    Just to be sure check the main processes: cpwd_admin list

    In my case i did restart (it was...
  12. Replies
    7
    Views
    2,916

    Re: Migration OS Smartcenter HA

    msjouw, good point about the different OS'es for mgmt HA. I always forget about it, thanks for mentioning that.

    --
    bf
  13. Replies
    3
    Views
    1,485

    Re: Upgrading from AI R55 to NGx R65

    Yes, the proposed orded of mirating the NG environment to NGX is assured by the fact that you can roll-back the enforcement modules whenever you want (only by swithing the ports).

    The fact you're...
  14. Replies
    23
    Views
    5,956

    Re: Site-to-Site - tunnel up but no app connections

    Hey, thanks for that offer, but first i'm gonna install the HFA. If that doesn't help i'd like to test the functionality.
  15. Replies
    23
    Views
    5,956

    Re: Site-to-Site - tunnel up but no app connections

    OK. The VPNc upgrade is done. The VPNc is managed by another company and i've been told the result is still the same.

    Back to research.. :|
  16. Replies
    23
    Views
    5,956

    Re: Site-to-Site - tunnel up but no app connections

    I'm afraid you're right. The remote side is VPN Concentrator Type: 3005, Bootcode Rev: Cisco Systems, Inc./VPN 3000 Concentrator Series Version 2.5.Rel Jun 21 2000 18:57:52
    Software Rev: Cisco...
  17. Replies
    23
    Views
    5,956

    Re: Site-to-Site - tunnel up but no app connections

    The gateway is cisco VPN 3000 concentrator.

    But, the remote side says:

    "Well, I changed the MTU to 1300, and had Mike attempt to connect once again. He received the same error still.

    Other...
  18. Replies
    23
    Views
    5,956

    Re: Site-to-Site - tunnel up but no app connections

    I know it doesn't give you (me) the needed information about the cisco device but i don't know it yet. I'm waiting for the results of the MTU change test (lowering to 1350 or 1300 like you said) and...
  19. Replies
    23
    Views
    5,956

    Re: Site-to-Site - tunnel up but no app connections

    It's an external cisco vpn gateway. Actually i'm not sure what exactly that is.. I just recommended them to try decreasing the MTU on the client test PC to 1350. Tomorrow i'll hear the result.
    ...
  20. Replies
    23
    Views
    5,956

    Re: Site-to-Site - tunnel up but no app connections

    I'm gonna take this thread back up..

    I'm having the same problem with site2site vpn. Checkpoint R65 vs cisco.

    The RDP connections were fine until recently something happened and when the users...
  21. Thread: CCSA Study Sheet

    by borek
    Replies
    5
    Views
    17,492

    Re: CCSA Study Sheet

    I appreciate this "study guide" very much and I hope it'll make my exam tomorrow little bit easier! :)
  22. Replies
    1
    Views
    1,959

    Exclusion list for HTTP Client Protections

    Hey,
    i've got here little trouble. One of our customers is experimenting with Application Intelligence / HTTP Client Protections / Microsoft Internet Explorer option (more precisely Block...
Results 1 to 22 of 22