CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Search:

Type: Posts; User: pebbles5

Search: Search took 0.00 seconds.

  1. Replies
    0
    Views
    978

    Mobile VPN IOS - Connect on demand

    Hi,

    does anyone know where to configure the idle timeout for mobile vpn client ? Is it only possible to do this globally for the whole moblie access blade ? Would be worse if you use both - portal...
  2. Replies
    0
    Views
    1,915

    CCSE R75 practice exams ?

    Hy,
    I can't find the CCSE R75 practice exams on the checkpoint page, only CCSA R75 and CCSE R71.......are they not yet available ??
  3. Replies
    0
    Views
    554

    Timers for MEP in Site-to-Site VPN

    Hi,

    i want to implemet MEP gateways (a second cluster on the central site) in my existing meshed site-to-site VPN. How fast do the remote gateways switch to the lower priority MEP gateway if the...
  4. verify crl retrival on gw - cache timeout

    how can I check, that the gateway successfully fetched the crl from smartcenter ? Or better, how can I check how old the cached crl is if smartcenter is temporary down ?

    I know there are such...
  5. Replies
    1
    Views
    1,339

    GAIA+ implied rules

    Hi,

    I just installed my first GAIA+ Cluster (HA New Mode). Normally, I diable all implied rules an add explicit rules for this communication.

    I found some strange things :
    - Gateways tcp 8080...
  6. Replies
    4
    Views
    3,084

    Re: Upgrade SPLAT to GAIA - login incorrect

    so the upgrade from splat gw 75.20 to gaia 75.40 as shown in upgrade-guide does not really work ?

    It was just in lab environment, in productional areas I would also do a fresh install when...
  7. Replies
    4
    Views
    3,084

    Upgrade SPLAT to GAIA - login incorrect

    Hi,

    I did two updates from SPLAT R75.20 to GAIA R75.40, one on ESXi Managemenet and one on a physical HP 585 server (supportet hardware). In both case the update was successfully, but I can not...
  8. Replies
    3
    Views
    2,051

    Re: Cert based auth

    Hard to do this with users in active directory ? I think the only way would be for allowing only cert based auth for all users to change the supportet auth schemes of the vpn gateway object ? Does...
  9. Replies
    3
    Views
    2,051

    Cert based auth

    Hi,
    I want to migrate my remote access user from ldap auth with user + pw to cert based auth, so that not everyone who installs the vpn client on any system can connect with the ldap credentials....
  10. Replies
    1
    Views
    1,813

    SNX E75 - Firefox ?

    Hi,

    I installed SNX E75 on R75.20 test system and starting network extender results in hanging up firefox browsers. Tested with 3.6.24 and 8.0 . IE works fine.
    Java is newest release : V6 update...
  11. Thread: ccse r71 info

    by pebbles5
    Replies
    6
    Views
    2,970

    Re: ccse r71 info

    so all topics as on R70 and the IPS stuff from CCSA book ? Is it OK to prepare with the ccse R70 book and the questions from cp ? (worked for the ccsa r71....)
  12. Thread: ccse r71 info

    by pebbles5
    Replies
    6
    Views
    2,970

    Re: ccse r71 info

    Good job !

    I also want to prepare for the exam, but I only have the R70 CCSE coursebook. What topics changed from R70 to R71 exam ?

    What is the best way to prepare for this test ? For the CCSA...
  13. Replies
    11
    Views
    3,193

    Re: Differences R70 / R71 CCSA

    Thanks.....correction : 87%.
    I hope that the ccse r71 has also an better structure than the R70 exam....
  14. Replies
    11
    Views
    3,193

    Re: Differences R70 / R71 CCSA

    Passed with 84% !
  15. Replies
    11
    Views
    3,193

    Re: Differences R70 / R71 CCSA

    Are the test questions downloaded from checkpoint.com on the same skill level as the real exam ?
  16. Replies
    11
    Views
    3,193

    Re: Differences R70 / R71 CCSA

    Since I study from the R70 Coursebook, I hope that they want to hear the minimum HW-requirements, upgrade stuff etc. from the R71 Release Notes ? Are that the "- Differences in supported upgrade path...
  17. Replies
    11
    Views
    3,193

    Re: Differences R70 / R71 CCSA

    Thank you ! So the R71 ccsa covers less topics than the r70 ? Ok, nice.
    I hope the new exam won't have that much silly questions than the old R70 CCSA that was the worst
    developed exam I ever saw !
  18. Replies
    11
    Views
    3,193

    Differences R70 / R71 CCSA

    Hello,

    last year I prepared and failed the CCSA R70 Exam. Now I want to prepare for the R71 CCSA Exam. What are the new topics of the R71 test I have to learn ?
  19. Replies
    6
    Views
    4,068

    Re: Unable to use certificate enrollment

    Hi,

    how is it possible to enroll user certificates over SNX ??
  20. Replies
    8
    Views
    3,827

    Re: I officially Hate the R70 CCSA exam

    I also did R60 Exams ( a,e,e+) but I also have to say that the CCSA R70 (no upgrade options from old CCSE+) is really worse written. I work with Checkpoint Firewalls nearly each day on different...
  21. Sticky: re: How To: Create Pre-Configured Endpoint Security Installation Packages

    Hello,

    I'm just trying to create a package where it should not be possible to disable the Policy. On gw the setting allow_disable_firewall is on client_decide (trac_client_1.ttm)
    On client I did...
  22. Replies
    36
    Views
    16,378

    Re: Check Point SecureConnect for iPhone

    ....where can I find this information ??
  23. Replies
    36
    Views
    16,378

    Re: Check Point SecureConnect for iPhone

    Sorry, but I care not about syncing on cluster ! I just want to know if the app can replace the l2tp connection or even how to configure the gateway for connecting with the app.
  24. Replies
    36
    Views
    16,378

    Re: Check Point SecureConnect for iPhone

    I mean the mobile app 1.2 from the app store . The L2TP thing is something different just for establishing a VPN Connection to the gateway.
  25. Replies
    36
    Views
    16,378

    Re: Check Point SecureConnect for iPhone

    Hi,

    has anybody tested so far with the R75 Release ? I can't find any documentation how to configure the access for the mobile app
  26. Replies
    1
    Views
    1,779

    Re: Failed to create mirror cma ....

    .... R71.10 same issue....both MDS same network same issue......one MDS and one containerstation only same issue.....

    Is there a problem testing Provider-1 on ESXi 4.0 ? Yes, I know this is not...
  27. Replies
    1
    Views
    1,779

    Failed to create mirror cma ....

    Hi,

    I'm trying to create a mirror cma for a customer's cma on the primary mds.

    The setup of my lab is :

    NodeA: prim MDS + container (IP:10.5.0.10)
    - CMA Customer A (IP:10.5.0.20)...
  28. Replies
    4
    Views
    1,929

    Re: CLM design - explanation ?

    OK, now it makes more sense ! I only need 2 CMAs and so I'll send the logs directly to each CMA.....
  29. Replies
    4
    Views
    1,929

    CLM design - explanation ?

    Hello,

    can anybody explain me why it is not possible to put a CLM (customer A) on the same MDS+CMA server where also a CMA of Customer A is ? Does this make any sense ?

    Or in Checkpoint words...
  30. Thread: IPSO Netflow

    by pebbles5
    Replies
    4
    Views
    3,497

    Re: IPSO Netflow

    Hi,

    I get netflow traffic out of the firewall. It's IPSO 6.2 ga024. Enabled netflow, with the acl matching option.
    So I had to create an acl matching traffic 0.0.0.0/0 in and out over some...
  31. Thread: IPSO Netflow

    by pebbles5
    Replies
    4
    Views
    3,497

    IPSO Netflow

    Hi,

    has anybody implemented traffic monitoring using a netflow collector and a ipso 6.2 gateway ?
  32. Replies
    0
    Views
    2,379

    SNMP Traps IPSO / correct receiver and mib

    Hi,

    I try to interprete the OIDs within the snmp trap sent by Nokia FW ( IPSO 6.2 or 4.2 latest Release).
    I imported the NOKIA-IPSO-SYSTEM-MIB.txt from /etc/snmp folder to my snmp trap receiver (...
  33. Replies
    6
    Views
    4,264

    Re: CCSA R65 or R70

    Hi,

    I found out that the ccse can be also valid for 4 years (csp partners), see post :

    CCSA R65 valid Duration
    johnsonas

    Am I right ? I have the problem that I can open no service...
  34. Replies
    3
    Views
    2,094

    Re: CCSA R65 valid Duration

    Hi,

    I just have the same problem with outdated CCSE. CP homepage says, thet a ccse shoul be valid for 4 years (for csp partners).

    How to Meet the Requirements if you do NOT Hold a Certification...
  35. Replies
    1
    Views
    1,758

    Connectra embedded rdp java problems

    Hi,

    on Connectra R66.1 I have configured rdp embedded client over snx application mode. All connections have the problem that the connection is interrupted every 10-20 minutes because of several...
  36. Replies
    5
    Views
    2,524

    Re: Packaging Tool / no setup.exe found

    Hello,

    has anyone an idea, what the problem is when repacking the client using cpmsi tool ? Secure Client R60 HFA03

    G:\package\extracted admin package>cpmsi_tool.exe "build.msi" in all
    Open...
  37. Replies
    5
    Views
    2,524

    Re: Packaging Tool / no setup.exe found

    OK. Than the only way with the new clients would be to install the client in vm, export the config files and repack the msi package ?
  38. Replies
    5
    Views
    2,524

    Packaging Tool / no setup.exe found

    Hi,

    I'm just trying to create a new secure client package using the Packaging Tool Gui. I already have old profiles and just want to use the new secrue client R60hfa03 package. When extracting the...
  39. Replies
    0
    Views
    1,607

    Globalknowledge R70 Essentials Power Camp

    Hello,

    does anybody know the course "Check Point Firewall R70 Essentials Power Camp " offered by globalknowledge ?

    It should update you with the new things on R70 to be prepared for CCSA and...
  40. Replies
    4
    Views
    2,290

    Re: VPN Acceleration Card and Secure XL

    I'm migrating to new hardware, so I use IPSO 6.2ga024 and R70.1.

    Still interesting, somtimes you have to enable SecureXL and some say you must disable it ( i.e my experience on the IP150 IPSO...
  41. Replies
    4
    Views
    2,290

    Re: VPN Acceleration Card and Secure XL

    Not only on Nokia Boxes ! I get more and more problems, that are solved by disabeling secure xl, also on SPLAT.

    I also think, that Secure XL should not be neccessary to get the accel cards...
  42. Replies
    4
    Views
    2,290

    VPN Acceleration Card and Secure XL

    Hello,

    I'm planning to implement an IP290 with VPN Accel Card. Do I have to disable Secure XL ? I had to do so on the IP 150 with accel card to get the vpn running. But some documents / sk say...
  43. Replies
    1
    Views
    1,503

    infoview R70.1 ??

    Can the actual infoview utility read cpinfos from R70.1 smartcenter ?
    I get always errors trying to open them.....
  44. Replies
    9
    Views
    3,275

    Re: Edge auto reboot ?

    And how to get the edge-script working on windows platform ... ?
  45. Replies
    1
    Views
    1,192

    R70.1 Dashboard/Tracker admin privileges

    Hello,

    without admin privileges R70.1 Dashboard runs problematic ( icons missing, tracker no detailed info).

    Has anybody an idea how to solve this ? I can not give every user using the tracker...
  46. Replies
    9
    Views
    3,275

    Re: Edge auto reboot ?

    Is thos a well known issue with the 3G modems ?
    I think that the issue was better with 7.5 .Since upgrading to 8.0.36 I've got more problems with the modems.....

    They are hanging on "establishing...
  47. Replies
    9
    Views
    3,275

    Re: Edge auto reboot ?

    This was my last option of doing so by running a cronjob on a server connecting via ssh to the edge an issue the reboot....

    OK, thanks so far....
  48. Replies
    9
    Views
    3,275

    Re: Edge auto reboot ?

    Good idea with Win 95 !

    I need the reboot because I have problems with UMTS Sticks hanging up after some days. Softreset does solve the issue.....
  49. Replies
    9
    Views
    3,275

    Edge auto reboot ?

    Hi,

    is it possible, to force the edge box to reboot every 24 or 48 hours ?

    Firmware 8.0.42
  50. Replies
    0
    Views
    1,584

    Old CCSA 156-215 to CCSE 156-315.1

    Hi,

    about two year ago I did the CCSA 156-215 Exam. Can I now start directly with 156-315.1 or do I need to pass the 215.1 CCSA Exam ?

    I think I have the skill for passing the CCSE, but...
Results 1 to 50 of 50