CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: Tsubasa

Search: Search took 0.00 seconds.

  1. Replies
    0
    Views
    322

    SandblastMobileONP_Activation

    Hi all,

    As there is not a sandblastMobile corner i post here.

    Summary
    ########

    Installed SBM on three different iOS (12.2) devices (iphone and ipad)
    but cannot activate the ONP on them ....
  2. Replies
    8
    Views
    1,472

    Re: "Any Recognized" in Application Site

    Thanks Phoneboy.
    Appreciate your help and prompt answers.
  3. Replies
    8
    Views
    1,472

    Re: "Any Recognized" in Application Site

    By the way. This tip should be in the official documentation, what do you think?
  4. Replies
    8
    Views
    1,472

    Re: "Any Recognized" in Application Site

    Found how to negate on "object". Finally ...
    App showed as expected.
    Thanks Phoneboy. As always apologize for my s..d questions.
  5. Replies
    8
    Views
    1,472

    Re: "Any Recognized" in Application Site

    Wanted to do this but couldnt find how to negate the object. :) :p

    Thanks.
  6. Replies
    8
    Views
    1,472

    "Any Recognized" in Application Site

    Hi guys

    Have:

    ###
    Environment
    ###

    R80.10 latest EA 380
    Installed 80.10 in an vm environment , standalone deployment, also tried with distributed.
  7. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    Thanks.

    How about the unofficial story? :) :p
  8. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    New EA released.

    /* Check_Point_R80.10_EA380_T1_Gaia */

    @Phoneboy
    Any release dates for GA?

    Thank you.
  9. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    Same config works with Check_Point_R80.10_EA_276_T9_Gaia.iso.
    Hmm...

    1230

    1231

    Thanks.
  10. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    Guys,

    Here we go again :) :p


    >>> R80.10_EA363

    APPI & URLF , IPS blades dont work.
    Logs are not shown in fw.log. (Logs and Monitor)
    Tried with both standalone and distributed topology/
  11. Replies
    8
    Views
    2,127

    Re: 730 Appliances managed by SmartCenter?

    >>> On a side note, we are working on support for managing the security rulebase from the SMP UI. We plan to include this in the next SMP release (R12.30).
    When GA will be released?

    Chances for...
  12. Replies
    3
    Views
    1,057

    Offline Security Checkup

    Hi guys

    ###
    Question
    ###

    I know that sk83500 says /* 4. Internet connectivity from Security Gateway to Check Point Cloud Services. */

    but
  13. Thread: Rotate log

    by Tsubasa
    Replies
    1
    Views
    1,042

    Rotate log

    Hi guys

    Is there a way to use /* /pfrm2.0/bin/rotateLog.sh */ to rotate custom files ?
    My purpose is to rotate logs sent to the sd card.




    Is this possible?
  14. Replies
    8
    Views
    2,127

    Re: 730 Appliances managed by SmartCenter?

    Cannot centrally manage 700 Series like 1400s.
    They are managed by SMP sk112233. Build one SMP server for my company.

    Thanks.
  15. Replies
    3
    Views
    5,338

    Re: Sand blast and Anti-Ransomware

    Tested with Zepto ransomware.

    SBA reacts:
    1213

    It restored all converted .zepto files.
    1212

    ###
    SBA Logs
  16. Replies
    9
    Views
    2,729

    Re: R77.30 with R80 management server

    It works with R77.30 configured with monitor mode.
    Traffic is properly processed by the enabled blades.

    Thank you guys.
  17. Replies
    9
    Views
    2,729

    Re: R77.30 with R80 management server

    120512061207


    Thank you guys.

    and i apologize for my stupid questions.

    I got it to work in my vmware lab. R77.30 is router mode mode now.
    Will try with R77.30 and monitor mode on.
  18. Replies
    9
    Views
    2,729

    Re: R77.30 with R80 management server

    There are no errors. Status shows ok and up to date.

    Strange.

    Thanks.
  19. Replies
    9
    Views
    2,729

    Re: R77.30 with R80 management server

    Yes.The box can reach the internet.
    Waited longer than 60 minutes.

    #####
    Topology
    #####

    Switch mirror port

    |||
  20. Replies
    9
    Views
    2,729

    R77.30 with R80 management server

    Hello

    Appreciate your help.


    Im making a security checkup with checkpoint 5200.

    The best option is to use 5200 with R77.30 and management server R80 because of the Security Checkup...
  21. Re: msg_conn_handler: connection error: messaging connection to daemon failed. in R77

    >>> snmpd failed to work after booting up

    From sk97638 snmpd's parent daemon is pm process manager.
    To debug snmpd there is sk56783.

    msg_conn_handler -> General error?...
  22. Re: New GUI Signature Tool for Custom Application Control and URL Filtering applicati

    From sk103051

    /* This tool is not supported for locally managed Small Office appliances. */

    This is only for Gaia.
    How about locally managed Gaia embedded appliances ?

    Need to permit only...
  23. Replies
    4
    Views
    2,072

    Re: High Availability OPTIONS

    >>> I did think about VRRP on the Checkpoints but again not sure if this is a good idea

    VRRP

    Pros:

    1. Single virtual MAC floats between cluster members, depending on which is Master; By...
  24. Replies
    0
    Views
    807

    Report generation cli

    For 700,1400 is it possible to generate hourly,daily... reports from cli, expert mode?

    Saw that GUI report generation calls a Lua script?

    Tried to call it but didn't worked.

    Any thoughts?
    ...
  25. Checkpoint 5200 Maximum Number of VPN Tunnels (route based )

    Before asking searched: this forum, google sensei, SKs.


    #####
    Question
    #####

    Whats the Maximum Number of VPN Tunnels supported by Checkpoint 5200 ?

    4800 has one
  26. Replies
    1
    Views
    1,560

    Install Offline Update

    Hi guys

    #####
    OS: Gaia Embedded R77.20.40
    #####

    Need to install appi signature from file(offline update).
    APPI offline installation.

    Its here in SK103882.
  27. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    Amazon Japan does not have a Japan version. I will buy the PDF.
    Thanks.
  28. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    Yep.Keep in mind.

    by the way. I cannot find your book here in Japan and need it.
    Only in US stores.
  29. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    ###

    Steps done to make it work

    ###
    >>> Also can change UC portal listening address to another interface IP.
    Screenshot name: INTUC5,INTUC6
  30. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    Thanks PhoneBoy. Apologize for this dumb question regarding UC.
    Management prefix 192.168.20.0/24 and interfaces were considered external {had a default route through 192.168.20.254 on the gateway...
  31. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    Sent email to ea_support@checkpoint.com:



    #####
    Checkpoint's reply
    ####"

    Iím Lotan from the Early Availability team in Check Point.
  32. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    I did.
    Thanks for the reply.
    When the reply comes i will update this thread.
  33. Replies
    38
    Views
    12,706

    Re: R80.10 Public Early Availability

    #####
    Test environment
    #####

    >>> Mgmt: R80.10 eval license

    # cplic print
    Host Expiration Features
    192.168.20.81 17Apr2017 CPSB-EVAL CPSM-C-U CK-96FEE63037BB
  34. Re: troubleshooting high cpu/memory issue with packet loss with gateways R77.30

    >>> follow up questions:

    >>> 1- according to shadowpeak, I see that DD can be in mode 0, 1 or 9. What about mode 4? What is the difference >>> between mode 4 and mode 9?

    From sk105261 DD can...
  35. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    >>> SmartEvent license its little bit unclear though. :)

    Found sk106494.
    What license is required for a Next Generation SmartEvent?
    If you have older SmartReporter/SmartEvent licenses, can you...
  36. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    Will go with one VM and everyday backups.

    VM = management + SmartEvent ;
    VM RAM 16Gig
    CPU 4 core

    SmartEvent license its little bit unclear though. :)
  37. Re: Migrating from VRRP Cluster to Load Sharing CLuster XL

    >>> OR is it good to go for ClusterXL HA rather than Load Sharing?

    Checkpoint gurus told me:

    active/active (load sharing) is more trouble then its worth most of the time. Just keep it on...
  38. Thread: Emails in Gaia

    by Tsubasa
    Replies
    3
    Views
    937

    Re: Emails in Gaia

    Thanks.

    >>> What were you actually trying to achieve with the post!
    Just improving the Checkpoint kung fu. :)
  39. Thread: Emails in Gaia

    by Tsubasa
    Replies
    3
    Views
    937

    Re: Emails in Gaia

    I found DLP feature, but its only for SMTP. :)
  40. Thread: Emails in Gaia

    by Tsubasa
    Replies
    3
    Views
    937

    Emails in Gaia

    Hi guys

    One firewall vendor has this feature.

    ###
    URL
    ###

    http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/quarantineserver/quar_server_about_c.html
  41. Replies
    5
    Views
    2,052

    Re: Full HA or distributed

    Thanks guys

    Simulated the following topology in Vmware workstation.
    SIC through trust , it works.


    Topology

    Internet >> Checkpoint 5400 New HA Active Standby >> Cisco L3 switch >> Trust...
  42. Replies
    5
    Views
    2,052

    Full HA or distributed

    Hi Checkpoint experts

    Planning to do HA ClusterXl Active Standby between two 5400s .


    I saw that are two options:

    Full HA (between two standalone devices) and HA with the management...
  43. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    Will be deploying two physical 5400 in HA active passive.
    SMS + smart event ( same machine) will be virtual .

    Do you recommend VMware HA (two different esxi servers) for SMS , smart event?
  44. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    Thanks all.
    It's clear now.
  45. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    Thanks for your answers guys.

    You helped me a lot.

    Tsubasa
  46. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    Thanks for the answer.

    WOW..its very clear now.

    Arigatou Gozaimasu.

    >>> One more note: It's not uncommon to see management devices (SMS, SmartEvent) deployed as VM's, since they are simply...
  47. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    I installed VE network mode from ovf file. Its the same as normal .iso , also looks like it can do cluster XL with it. (can choose ClusterXl ID and see it from cpconfig )
    sk 101441 ; sk104859

    ...
  48. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    Re: VE HA

    Thanks for the answer.


    >>> Normal Gaia is not supported.
    You mean it's not officially supported?

    Can you please point to such document?

    Thank you.
  49. Thread: VE HA

    by Tsubasa
    Replies
    17
    Views
    9,985

    VE HA

    Hi guys

    Researched sk forums but not a clear solution yet.


    ###
    Requirements
    ###

    Deploy Checkpoint solution in HA active passive at edge.
  50. Replies
    3
    Views
    1,723

    Re: VPN from Capsule cloud to internal server

    Hi mcnallym

    Thanks for the reply.

    >>>>> There is NO VPN Capability within Capsule Cloud. Is why there is nothing in the guides/docs for Capsule Cloud.
    It wrote here:

    #####
    sk102501
    #####
  51. Replies
    3
    Views
    1,723

    VPN from Capsule cloud to internal server

    Hi experts

    One quick question.

    Can we make a VPN from the Capsule Cloud to a server in another location?
    Nothing in the guides or google.

    Thanks.
  52. Replies
    2
    Views
    1,389

    Re: Two users , different office mode pools

    Thanks msjouw

    Works like a charm.

    To make it work I had to delete a rule which had SRC = officemode network object; Replaced with SRC = usergroup;
  53. Replies
    2
    Views
    1,389

    Two users , different office mode pools

    Hi guys

    Requirements: Give remote access to a user from another company . He needs to see/access only his host(subnet)

    Already done: We created the user, made the office mode object, enabled...
  54. SmartEvent User Defined events with filter are not generated

    Hello experts


    >>> Symptoms

    SmartEvent User Defined events with 'Device ID' or 'Device Information' filter are not generated.

    It worked with "Destination" or "Origin" filter.

    >>>...
Results 1 to 54 of 56