CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Search:

Type: Posts; User: Opera

Search: Search took 0.00 seconds.

  1. Replies
    0
    Views
    3,875

    OpenServer R80.10 Upgrade to R80.30

    Hi,

    I am running R80.10 on openserver in HA CLusterXL. I am planning to upgrade R80.10 to R80.30. Are there any considerations i have to keep in mind while upgrading or the upgrade just works...
  2. Re: private key for a csr generated via smartdashboard

    i will be using this certificate for platform portal and VPN clients. I followed this article to generate the CSR (https://www.digicert.com/csr-creation-checkpoint-vpn.htm). But now to convert to a...
  3. Re: private key for a csr generated via smartdashboard

    Has anybody any suggestions please for this question.
  4. private key for a csr generated via smartdashboard

    I have generated a CSR for a thirdparty ssl certificate via smartdashboard. I want to use this newly added certificate to be used by platform portal also. but import button asks for a .p12 file. To...
  5. Replies
    4
    Views
    1,097

    Re: Internal certificate renewal

    I am using site to site VPNs with preshared keys not with certificates. But for VPN_client property windows is showing that "the gateway authenticates with this certificate ICA_CERT.
  6. Replies
    4
    Views
    1,097

    Internal certificate renewal

    we are running R77.30 on openserver. I am getting warning messages about certificate expiration when i install policy. The only certificate that i can see is internal_ca (ICA_CERT). When i click on...
  7. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    [Expert@gate02:0]# cat /proc/interrupts
    CPU0 CPU1 CPU2 CPU3
    0: 2876448406 0 0 0 IO-APIC-edge timer
    1: ...
  8. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    Hello again,

    sorry am updating this thread after long time.

    Now that i have changed the NICs and bought the 4 core lisence, still getting the same issue throughput is still not good enough. Am...
  9. Replies
    5
    Views
    1,918

    Re: vpn problem with overlapping ip range

    The encryption settings are same on both sides, and shared secret is also same. No logs that says invalid Payload.


    Regards
  10. Replies
    5
    Views
    1,918

    Re: vpn problem with overlapping ip range

    I have enabled vpn debug ikeon and also vpn debug on. When i look into the ike.elg file in ikeview tool, there i find only P1 Main Mode messages with status failed, no Quick Mode messages. I have...
  11. Replies
    5
    Views
    1,918

    vpn problem with overlapping ip range

    Hello,

    I need help in finding out whats wrong with my vpn setup with overlapping range. I am using openserver checkpoint 77.20 and the vpn is between me and cisco ASA 5555.
    I have created two...
  12. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    Hello again,

    After all these suggestions we have planned to change the emulex 10G network cards. What make and type you guys advice to buy and replace in a HP DL360 G8 server to get better...
  13. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    Hello,

    I have upgraded the firmware on the server just to check if this could help, and got this output after that.

    Kernel Interface table
    Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR ...
  14. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    That i will check tomorrow
  15. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    [Expert@gate02:0]# ethtool -k eth4
    Offload parameters for eth4:
    Cannot get device udp large send offload settings: Operation not supported
    Cannot get device GRO settings: Operation not supported...
  16. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    [Expert@gate02:0]# ethtool eth4
    Settings for eth4:
    Supported ports: [ FIBRE ]
    Supported link modes: 10000baseT/Full
    Supports auto-negotiation: No
    Advertised...
  17. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    i am attaching three files with output from cpview.

    874875876
  18. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    Dear ShadowPeak.com, here is the output of "netstat -ni" and "fw ctl affinity -l -a"

    Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
    eth1 1500 0 ...
  19. Replies
    8
    Views
    4,184

    Re: upgrade from R77.10 to R77.20

    Tried upgrade from cli.
    I just downloaded the .tgz package from checkpoint website copied it to /var/tmp/ directory and unzipp and untar it and than run the ./unixinstallScript and everything went...
  20. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    I have upgraded the checkpoint from R77.10 to R77.20 but still getting the same results. very low bandwidth utilization.
  21. Replies
    8
    Views
    4,184

    Re: upgrade from R77.10 to R77.20

    do i need to upgrade the management server also, or its just to upgrade the security gateways.
  22. Replies
    8
    Views
    4,184

    Re: upgrade from R77.10 to R77.20

    Open server installation
  23. Replies
    8
    Views
    4,184

    upgrade from R77.10 to R77.20

    I am new to checkpoint, have never done upgrade of check point before. So want some help regarding upgrade from R77.10 to R77.20.

    Are there any specific steps that can lead to a problemfri upgrade...
  24. Re: When i install policy network goes down for 10-12 seconds

    I have tried by defineing the switch port as portfast and still got the network outage. The amazing thing is that network outage happens when i get the screen for policy install successfull, means...
  25. Re: When i install policy network goes down for 10-12 seconds

    But no switch over happens during policy install. i have checked the logs for control events. there has never happened any switchover when we install policy after changing some rules.

    But i think...
  26. When i install policy network goes down for 10-12 seconds

    I have noticed that when ever i add a new rule and install the policy on cluster XL nettwork goes down for about 10-12 seconds. Has anybody any idea about what could be the problem
  27. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    Ok, then i try first with upgrading from 77.10 to 77.20 and will see how it becomes. Will update the issue after update.
  28. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    Hei
    the hardware is openserver HP generation 8 server with checkpoint 77.10 (gaia). I have run top and non of the cores are showing high utilization.

    here is the output of netstat -ni: eth4. is...
  29. Replies
    68
    Views
    30,554

    Re: very slow intervaln communication via checkpoint

    Hei,

    Interfaces are not showing any errors or any packet drops, all the switches are gigbit switches and also core switches are 10g, checkpoint is also using 10g interfaces. Actually there is no...
  30. Replies
    68
    Views
    30,554

    very slow intervaln communication via checkpoint

    I have two vlans dmz and local, routing between these two vlans is defined on checkpoint (77.10 gaia). But if i copy some large files it takes long time, I am getting only 40 to 60 Mbs. But local...
Results 1 to 30 of 30