CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: ankda14

Search: Search took 0.00 seconds.

  1. Replies
    1
    Views
    207

    Numbered Interface - VTI

    I was studying Numbered interface and want to know, can the local IP and remote IP can be any IP or need to be IP address that is configured on gateways.

    What is the best practice used to...
  2. Smart console don't show log in correct time order

    Hi All,

    We have a log server. Logs when set to auto, we see logs are not coming in correct time order. The firewall are in load sharing mode (unicast).

    One logs from firewall that is sharing...
  3. Replies
    38
    Views
    10,849

    Re: Java Process Consuming High CPU in R80

    Thanks Tim,

    I checked TOP command and sorted by memory utilization. Top 3 Memory consumption process is Java. Mainly consuming is SOLR then CPM and Smart View.

    16937 admin 36 19 50.4g 3.0g...
  4. VPN Tunnel is UP but traffic is getting dropped

    Hi All,

    I have a Site to Site VPN tunnel between checkpoint and Cisco ASA. Phase 1 and phase 2 is completed successfully but i cannot ping from router behind the checkpoint firewall to the router...
  5. Replies
    38
    Views
    10,849

    Re: Java Process Consuming High CPU in R80

    Thanks Tim,

    I enabled the indexing on Wednesday afternoon till eve, the CPU utilization went to 10% but again spiked to 93%. Yesterday was holiday. I checked now we can see CPU Spikes going to 85%...
  6. Replies
    38
    Views
    10,849

    Re: Java Process Consuming High CPU in R80

    Hi Tim/Everyone,

    we are also facing the same issue (Java - SOLR process utilizing high CPU).

    We have MDS/MLM environment. one of our client head was not able to views logs from CMA itself. He...
  7. Replies
    1
    Views
    495

    Remote access VPN not working

    Hi all,

    I am trying to establish remote access vpn between my end machine and checkpoint firewall but it's not working.

    i am able to connect through vpn client but i can't reach internal...
  8. SNX - Authentication failed error on ubuntu machine

    Hi All,

    Good Day.

    I tried to build client less vpn through mobile access blade between checkpoint R80.10 and ubuntu machine.

    When i try to open gui: https://192.168.x.x/sslvpn with the local...
  9. Re: Problem with ISP redundancy - sk25152 - Kindly advise

    Hi,

    Are you talking about nat cache table. i set it to 0 as well and clear the fw connection table and nat table. still NAT is done through first rule that is primary ISP external interface.

    I...
  10. Re: Problem with ISP redundancy - sk25152 - Kindly advise

    Hi,

    Thanks for the update. I will try to test it with some TCP traffic and update you.

    I have one more question: If 0.0.0.0 0.0.0.0 means everything then what 0.0.0.0 255.255.255.255 stands...
  11. ISP Redundancy - 2 default route pointing to different ISP

    Hi,

    Can we add 2 default route on checkpoint firewall pointing to two different ISP.

    for example:
    0.0.0.0/0 ---> ISP A
    0.0.0.0/0 ---> ISP B

    I am trying to do load balancing between 2 ISP...
  12. Problem with ISP redundancy - sk25152 - Kindly advise

    Hi All,

    I configured same scenario but Traffic is not going through backup path when primary ISP is down. I configured same as given in sk25152. Please find below configuration:

    Rule:

    SRC:...
  13. Re: problem with isp redundancy in load sharing mode pls help

    Hi All,

    I configured same scenario but Traffic is not going through backup path when primary ISP is down. I configured same as given in sk25152. Please find below configuration:

    Rule:

    SRC:...
  14. OSPF routing take precedence over ISP redundancy feature

    Hi All,

    I was testing ISP redundancy feature on R77.30 platform. To make configuration less , i ran OSPF protocol between firewall and cisco routers. The firewall routing is as below:

    S ...
  15. Replies
    2
    Views
    794

    User access role not working properly

    Hi All,

    I was practicing identity awareness blade on checkpoint firewall. My lab deployment is as follows.

    SM - R80.10
    SG - R77.30

    Windows XP, window AD, Management server, Gateway --> all...
  16. Management server not opening after installing EVAL lic for sandblast and endpoint

    Hi All,

    I installed eval lic that i generated from user center to practice sandblast. These are the eval lic that I generated:

    1. Sandblast Agent
    2. Endpoint Complete Package

    After these...
  17. Thread: Doubts on IPS

    by ankda14
    Replies
    1
    Views
    1,090

    Doubts on IPS

    Hi All,

    I was going through IPS blade on checkpoint R80.10. To test IPS i deployed windows XP SP3 machine at inside side of firewall and a kali linux on outside side of firewall. I created a...
  18. Replies
    1
    Views
    540

    Secure XL -- Some doubts

    Hi All,

    I was studying secure XL. I went through some show commands for secure XL. I need to understand if secure XL automatically create the template for the new connection or if there is way to...
  19. Not able to find vpnd.elg file through WINSCP

    Hi All,

    I am trying to find vpnd.elg file through winscp but can't able to locate. i tried find function as well with .elg filter but no ouptut provided. Kindly please guide how to find the file...
  20. Replies
    5
    Views
    1,174

    Re: Route Based VPN with Cisco router

    Next Steps: I again verified the configuration and i found i didn't mentioned vpn domain on interoperable object. This time i added empty group as vpn domain on both checkpoint firewall and...
  21. Replies
    5
    Views
    1,174

    Re: Route Based VPN with Cisco router

    Hi Zimme,

    Thanks for reply. I again tested it. At the moment, i can see both Phase 1 and phase 2 are up but i can't ping from R1 loopback to R2 loopback which need to be go through tunnel. In logs...
  22. Replies
    5
    Views
    1,174

    Route Based VPN with Cisco router

    Hi All,

    I am in process of having hands on check point firewall. I am bit stuck at route based VPN in checkpoint. As as basic start i want to create a route based vpn with checkpoint r80.10 and...
  23. Replies
    7
    Views
    2,184

    Anti-Spoofing in same network segment

    Hi All,

    Please help me to understand anti-spoofing in same network segment. for example :- I have 2 hosts ( Host 1:- 10.0.0.1/24 & Host 2:- 10.0.0.2/24). These both hosts reside at internal side...
Results 1 to 23 of 23