CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: Dende

Search: Search took 0.00 seconds.

  1. Thread: HTTPs Inspection

    by Dende
    Replies
    6
    Views
    1,399

    Re: HTTPs Inspection

    Hey,

    now I have installed a Sophos UTM WAF as Reverse Proxy, it works perfect for me. Thanks for you comments!
  2. Replies
    3
    Views
    7,248

    Re: QoS einrichten bei R77.30

    Hi Jejerod,

    vielen dank für die Erklärung, ich denke, jetzt hab sogar ich es verstanden ;)

    wenn ich dann quasi eine Bandbreite für VPN "reservieren" möchte, wenn zB. ein Download die Bandbreite...
  3. Replies
    3
    Views
    7,248

    QoS einrichten bei R77.30

    Hi Leute,

    ich benötige mal hilfe auf deutsch, da ich die Anleitung von Checkpoint nicht kapiere!

    Wir möchten unseren VPN Verkehr in der Firewall Priorisieren, weil wenn jemand z.B. runterlädt...
  4. Thread: HTTPs Inspection

    by Dende
    Replies
    6
    Views
    1,399

    Re: HTTPs Inspection

    Nobody any idea?
  5. Thread: HTTPs Inspection

    by Dende
    Replies
    6
    Views
    1,399

    HTTPs Inspection

    Hi,

    we have inbound https inspection activated. One Server with extern ip 1.1.1.1 have two Websites with https Certificates installed. If I configure the external IP 1.1.1.1 with one Certificate...
  6. Replies
    3
    Views
    10,376

    Host Header Redirection

    Hi,

    is it possible to confige the Checkpoint Firewall to redirect Host Header entrys to different webservers?

    for example: We only have one externel IP address 65.65.65.65 and want to Redirect...
  7. Re: IPS Protect internal hosts only - recommendation

    Hey Shadow,

    I want to repeat, that I understand it right:

    All Traffic came from Extern Interface (Topology = External) to Intern (DMZ or Intern -> Topology = Internal) it will be protected via...
  8. IPS Protect internal hosts only - recommendation

    Hi guys,

    I got a question regarding IPS:
    Is it useful, or recommended to activate the IPS system only from external to internal, ie:

    -------------
    Protect internal hosts only:
    If you select...
  9. IPS System: Nur Interne Hosts schützen - Frage - Empfehlung

    Hi Leute,

    Ich hab mal eine Frage bezüglich IPS:
    Ist es Sinnvoll, bzw. Empfohlen das IPS System nur von extern nach intern zu aktivieren, also:

    Protect internal hosts only:*
    If you select this...
  10. Replies
    4
    Views
    1,368

    Re: Two extern IP Ranges don't work

    We found the Problem...

    Our ISP had no route to oure secondary IP Range created.

    Now it works fine ;))

    Thanks all...
  11. Replies
    4
    Views
    1,368

    Re: Two extern IP Ranges don't work

    Hi alienbaby,

    yes we are Natting, the intern address in DMZ is 192.168.76.12 and I gave the Host a static NAT address 62.123.2.22. So the NAT rule will be created automatically, or!?
  12. Replies
    4
    Views
    1,368

    Two extern IP Ranges don't work

    Hi Guys,

    we have two extern IP Ranges, for example:

    62.123.1.64 255.255.255.240 -> First IP allocated to the Ethernet Port
    62.123.2.18 255.255.255.240 -> Secondary IP on the same Ethernet Port...
  13. Replies
    5
    Views
    1,918

    Re: Can't Change IP address behind interface

    Hi,

    I convert it to a Gateway, now I can change the Interfaces....

    Thanks...
  14. Replies
    5
    Views
    1,918

    Can't Change IP address behind interface

    Hi,

    I have installed a VMWare Checkpoint Firewall for my Test Lab. I have 5 interfaces and all configured, If I open the Checkpoint Host under Topology, all Interfaces are set to Externel under...
  15. re: Help: Reason SIC General Failure [ SIC Error no, 148 ]

    Hi,

    here is the output, whats wrong??

    cpwd_admin:
    APP PID STAT #START START_TIME COMMAND MON
    CPD 10834 E 1 [07:24:27] 7/9/2011 cpd ...
  16. Help: Reason SIC General Failure [ SIC Error no, 148 ]

    Hi,

    I need help. I can't push new policy on my SPLAT, so I can't do any changes! I get the error "Reason SIC General Failure [ SIC Error no, 148 ]"

    If I run cpinfo I get an error at: CP Status...
  17. Re: Web security: Invalid 'Content-Length' header in response

    Hi, I have the same issue, have somebody found a solution?? FW R65

    Web security: Invalid 'Content-Length' header in response.

    Policy Info: Policy Name: Standard
    ...
  18. Thread: Hide NAT Problem

    by Dende
    Replies
    2
    Views
    2,232

    Re: Hide NAT Problem

    Hi rajeevraj,

    I have created a Network with the address 10.0.0.0 and I have activated on this Network the Hide Nat, now it's working.

    regards
    Dende
  19. Thread: Hide NAT Problem

    by Dende
    Replies
    2
    Views
    3,544

    Re: Hide NAT Problem

    Ne, im ISA ist alles freigeschaltet, wie gesagt, wenn man in der Checkpoint Hide-Nat aktiviert auf dem PC gehts ja.

    Meine Lösung:
    Habe jetzt ein neues Netz angelegt, indem ich Hide-Nat aktiviert...
  20. Thread: Hide NAT Problem

    by Dende
    Replies
    2
    Views
    2,232

    Hide NAT Problem

    Hi,

    we have the following problem:

    we have second firewalls in our company, and the users surf by a proxy (ISA 2006):

    ISA2006 -> Checkpoint -> Internet

    The first rule in the checkpoint is...
  21. Thread: Hide NAT Problem

    by Dende
    Replies
    2
    Views
    3,544

    Hide NAT Problem

    Hi Leute,

    ich hab folgendes Problem:

    Wir haben eine 2 Stufige Firewall und alle User Surfen über den Proxy (ISA):

    ISA -> Checkpoint -> Internet

    In der Checkpoint steht die erste Regel,...
  22. Replies
    4
    Views
    2,720

    Re: Sommerzeit und Winterzei

    Supi, danke für die ausführliche Antwort. Hab das mal so eingerichtet, werde mal schauen, ob das bei der nächsten Zeitumstellung klappt.

    Vielen Dank ;)
  23. Replies
    4
    Views
    2,720

    Re: Sommerzeit und Winterzei

    Hi Maarten,

    danke für die schnelle Antwort.

    Im WebUI hab ich die Einstellung gesehen, da stell ich dann auch immer zur Sommerzeit die Zeitzone auf +2 und im Winter auf +1 zurück, obwohl ich...
  24. Replies
    4
    Views
    2,720

    Sommerzeit und Winterzei

    Hallo Leute,

    gibt es eine Möglichkeit, daß die Firewall sich automatisch auf Sommerzeit und Winterzeit einstellt?? Momentan mach ich das immer manuell!

    Firewall NGX R65
  25. Re: Cannot connect to Smart Dashboard with my VMWare after Restore

    Hi belvdr,

    I have done a backup with the ssh portal on the original FW and then I done a restore from the CLI portal on the VMWare!

    I think it's a SPLAT config?! But I don't know, I'm a newbie...
  26. Cannot connect to Smart Dashboard with my VMWare after Restore

    Hi,

    I have a problem with my VMWare NGX R65.

    - I have installed the iso image R65 on my VM
    - I have installed the license
    - I have installed the same Products on the VM like my SPLAT
    - I...
  27. Thread: time incorrect

    by Dende
    Replies
    11
    Views
    2,072

    Re: time incorrect

    hi,

    if I type in this command (cpstop, cpstart). What is the impact?? Will I lost some connections for this time for example Internet, DMZ or something else. Will be the users affected?? Should I...
  28. Thread: NTP Time Change

    by Dende
    Replies
    0
    Views
    1,402

    NTP Time Change

    Hi,

    I have changed the time at the https site of my firewall. After the change the Info comes up - I must restart the Appliance Service - !
    Can I restart this service without restarting my...
  29. Replies
    4
    Views
    4,213

    Re: VPN Tunnel adjust MTU Size

    Hi plamy,

    Thanks for your answer...

    is it possible to change it only for a VPN Tunnel Connection or can I only change it for an Interface??
  30. Replies
    4
    Views
    4,213

    VPN Tunnel adjust MTU Size

    Hi,

    We have an external Company connected via a VPN Tunnel, they have a smaller MTU Size than we. It is possible to adjust a MTU Size only on the VPN Tunnel to 1400??
    I know it is possible for a...
  31. Replies
    1
    Views
    2,931

    VPN Tunnel MTU Size anpassen

    Hi Leute,

    wir haben einen VPN Tunnel zu einer externen Firma von uns, die haben aber eine niedrigere MTU Size als wir.
    Meine Frage: ist es möglich eine MTU Size z.B. 1400 nur auf einen VPN...
  32. Replies
    2
    Views
    2,975

    Re: FW Monitor - Wireshark Cap File

    Supi, dank dir, hat geklappt ;)
  33. Replies
    3
    Views
    2,869

    Re: FW Monitor - Create .cap for Wireshark

    Cool, thank you very much ;)
  34. Replies
    3
    Views
    2,869

    FW Monitor - Create .cap for Wireshark

    Hi,

    with fw monitor I can create a .cap file for analyse with wireshark. Creating is no Problem, but how can I copy the .cap file from the Firewall to my PC??

    We have a NGX R65, OS: Secure...
  35. Replies
    2
    Views
    2,975

    FW Monitor - Wireshark Cap File

    Hallo Leute,

    wenn ich auf unserer Firewall (NGX R65, OS: Secure Platform) über FW Monitor ein Cap File für Wireshark erzeugen lassen, wie bekomme ich dieses von der Festplatte der Firewall auf...
  36. Replies
    10
    Views
    3,931

    Re: Can not Ping to the Internet

    It's looks like:

    PC(10.90.90.80) -> ISAIntern(10.90.90.5) ISAExtern(192.168.75.2 - NATing 62.125.xx.2) -> FW1Intern(192.168.75.1) FW1Extern(69.225.xx.1)

    The ISAExtern have a static NAT...
  37. Replies
    10
    Views
    3,931

    Re: Can not Ping to the Internet

    Not for my PC. I have a NAT rule for the Checkpoint External Interface and for the ISA Server External Interface which is connected with the Internal Interface from the Checkpoint Firewall.

    MyPC...
  38. Replies
    10
    Views
    3,931

    Re: Can not Ping to the Internet

    @tomama:
    Sorry but I'm a newbie in checkpoint Firewall, you mean the Smartview Tracker to check the response?? It shows:

    Number: 9709922
    Date: ...
  39. Replies
    10
    Views
    3,931

    Re: Can not Ping to the Internet

    The ISA is proxying and have a NAT Rule in the checkpoint Firewall and a Rule with ISA -> any every protocoll.
    If I go to the Internet and look for my external IP address, I get the external IP from...
  40. Replies
    10
    Views
    3,931

    Can not Ping to the Internet

    Hi People,

    I have a problem, if I want to ping to the Internet from my client, but I get timeout.

    The connection looks like:
    MyPC --> Switch --> ISA Firewall --> Checkpoint --> Internet

    I...
  41. Replies
    3
    Views
    1,451

    Re: Patterns at allowed URLs (Web Filtering)

    Yes I try, but it don't works. It only works with original writed sites:
    Sites.com - We take the garbage out for you. - it works
    if the explorer open a site for example "do.site.com" - it doesn't...
  42. Replies
    3
    Views
    1,451

    Re: Patterns at allowed URLs (Web Filtering)

    Hi,

    I have the same problem, have you found a solution??

    regards Dende
Results 1 to 42 of 42