CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: joeri

Search: Search took 0.00 seconds.

  1. Replies
    2
    Views
    837

    Re: VRRP with 3 firewall members

    OK, thanks, I will give it a try, the 3 members see each other already on Checkpoint level (cphaprob stat). I just still need to add the 3rd member on VRRP level.
    2 firewalls are at the main site,...
  2. Replies
    2
    Views
    837

    VRRP with 3 firewall members

    Hi, just a quite simple question, can I create a cluster with 3 members with VRRP ? 1 Active, 2 Passive. VRRP config would then look like this:

    FWA highest priority
    FWB lower priority
    FWC lowest...
  3. Replies
    0
    Views
    936

    Interface state "absent" after policy push

    Hi,

    since we have pushed the policy one of our interfaces displays as absent in clish (running on an old IP530 box):
    Physical Interface eth1
    Absent
    Logical Interface ...
  4. Re: Correlation Unit: Error: Event distributor is not connected

    Anyone knows how this got solved ? I have the same behaviour with R71 after a reboot. Thanks !
  5. Replies
    15
    Views
    8,182

    Re: State of ipv6 in Check Point products

    yep, allready did that aswell... the more requests, the sooner something will be done about it.
  6. Replies
    15
    Views
    8,182

    Re: State of ipv6 in Check Point products

    Maybe it's an idea, that all people here on this forum who need (better) support on IPv6 with Checkpoint, enter an RFE, maybe that helps... if we all do it, we maybe get something moving, the URL:...
  7. Replies
    1
    Views
    2,569

    R7x IPv6 pack for IPSO ?

    Anybody heard something about an IPv6 pack for IPSO ? Currently there's only an IPv6 pack for SPLAT, issue is that without an IPv6 pack, CoreXL, SecureXL, and a lot of other things are DISABLED ! Any...
  8. Re: SmartDashboard R71 - View - Objects List - Screen Blank

    Hi, any update to this issue ? We also went to R71, and I'm having the same behavior as described here.

    Thanks !

    Apparently when you rightclick the objects list, and add them manually, they...
  9. Replies
    1
    Views
    1,755

    Re: Eventia Analyzer: policy install commit error

    Interesting progress: CPSEAD contains: Failed to create filter for high_connection_rate_on_external_host_on_service_1

    When I disable that event in the Event policy, I'm able to install the...
  10. Replies
    1
    Views
    1,755

    Eventia Analyzer: policy install commit error

    Hi,

    I'm unable to install a new policy on the Eventia Analyzer part (R71), I get following error message:Installation failed. Reason: Failed to execute Policy install commit function.

    Box is...
  11. Replies
    3
    Views
    1,500

    Re: BIOS 2.14.10 working with IPSO 4.2 ?

    OK thanks, so we can safely first move to the new BIOS version in combination with IPSO4.2, have it running for a few weeks, and then go to IPSO6.2, good !
  12. Replies
    3
    Views
    1,500

    BIOS 2.14.10 working with IPSO 4.2 ?

    Hi,

    referring to "sk42595 Updating an IP Appliance BIOS", we need to upgrade the BIOS to have IPSO6.2 with the multicore running. Now, when I first would upgrade to the new BIOS: 2.14.10, will...
  13. Re: Inspect Scrip - Limit Maximum Number of sessions per user (per protocol) - Thrott

    I believe you could actually do it with client authentication, because there you have the option of specifying "session limits". If you then would combine that with the "Session Authentication...
  14. Replies
    4
    Views
    2,100

    No CCSE Plus for R7X ?

    Hi,
    was just browsing certification pages on CP, I couldn't find any info on the CCSE plus R70. Will it still be available for R7X in the future ? Any ideas ?
  15. Replies
    16
    Views
    3,039

    Re: anyone on R65 HFA70?

    I'll do, but are going to give it a few tries again, it's a new box, so I can test/scratch it as much as I want. I just want to understand what is going on, and wrong...
  16. Replies
    16
    Views
    3,039

    Re: anyone on R65 HFA70?

    Completely agree, in my situation it's even getting to a point where it's very frustrating, I was always very pro Checkpoint, and still am, because I don't want to be struggling around with...
  17. Replies
    16
    Views
    3,039

    Re: anyone on R65 HFA70?

    Thanks for replies so far, the reason why we would go for HFA70 and NOT R70 (or anything above), is that R70 doesn't look stable. We tried to upgrade the mgmt environment, no success... although...
  18. Replies
    16
    Views
    3,039

    Re: anyone on R65 HFA70?

    Hi,

    Could anybody confirm if HFA70 in combination with IPSO6.2 (MR1), enables multicores ? Currently I have some machines which are multi-core capable, but due to the R65 release they still run on...
  19. Replies
    6
    Views
    24,844

    Re: CCSE R70 Exam now live

    For my CCSE upgrade to R65 I had both the official courseware book and all "free" PDF files. The book alone was not enough to get through the exam, but you also need the PDF's, which contain on each...
  20. Replies
    6
    Views
    24,844

    Re: CCSE R70 Exam now live

    Does anyone know if there will be an accelerated CCSE R70 offered ? I can't find much on info on this. Thanks !
  21. Replies
    2
    Views
    2,803

    Re: SmartEvent R70.20 Feedback

    yeah well, R70 was a stable release, didn't have a lot of issues with it. R70.20doesn't look to be stable "out of the box", I think my issues are also related to following SK's: 44206 and 44163.
    ...
  22. Replies
    11
    Views
    7,349

    Re: Eventia Analyzer Server crashes

    the issue popped up again, I'll have it analysed by Checkkpoint this time to find out what's going on. Looks like the R70 release was quite stable, R70.20 isn't.
  23. Replies
    11
    Views
    7,349

    Re: Eventia Analyzer Server crashes

    Nevermind the previous post, a reboot fixed the issue :-)
  24. Replies
    11
    Views
    7,349

    Re: Eventia Analyzer Server crashes

    Well, this fixed it for me aswell apparently, however now I do run into another "warning" in Smartview monitor: event distributor is not connected. Does anybody have an idea what this means ?

    Also...
  25. Replies
    11
    Views
    7,349

    Eventia Analyzer Server crashes

    Hi,

    I've just did a completely fresh install of the Eventia Suite on R70, upgraded to R70.20, installation was done on an completely new box, with windows 2008. Smartview monitor gives following...
  26. Thread: IP560 Box Reboot

    by joeri
    Replies
    8
    Views
    2,324

    Re: IP560 Box Reboot

    Any update on this thread ? Or solution, as we're seeing the same issue with an IP560, IPSO4.2 build081, R65 (base install).
  27. Replies
    15
    Views
    6,463

    Re: Checkpoint going the Palo Alto way ?

    I wonder how they will handle performance wise, they'll probably just keep adding cores to each system, let's face it on 1 box, firewall, IPS, some other stuff like floodgate..., the "application"...
  28. Replies
    15
    Views
    6,463

    Checkpoint going the Palo Alto way ?

    Looks like they will offer the application control on another blade:Check Point to Add Security Controls for Over 50,000 Applications and Web 2.0 Widgets - Press Release

    Looks a lot like Palo Alto...
  29. Nokia HA move to clustering/loadbalacing - experiences ?

    Hi,

    anybody experience with moving from an IPSO HA (with VRRP) solution to the Nokia (multicast) clustering solution ?

    We're currently running al lot of clusters on HA mode, however to get more...
  30. Replies
    17
    Views
    5,655

    Re: Some info about exam

    Just wanted to report back on the status, passed this morning with score of 88 :-) !

    A few things:
    - study the official coursebook very hard
    - not everything from the exam is covered in the...
  31. Replies
    15
    Views
    17,399

    Re: How to block SSH tunneling ?

    Woud be an interesting possibility to do this. I heard a lot about Palo Alto firewalls lately, possibly they have already such a solution.
  32. Replies
    15
    Views
    17,399

    Re: How to block SSH tunneling ?

    Well, Microsoft is working more or less on such a thing:

    TMG Beta 2 also allows corporations to monitor SSL traffic. It decrypts the traffic, inspects it for malware, and then re-encrypts it....
  33. Replies
    15
    Views
    17,399

    Re: How to block SSH tunneling ?

    I understand it's encrypted, but I had the impression from this explanation: Combatting ssh tunneling with CheckPoint's SmartDefense. | Kelly O'Donnell Consulting it would be possible to do such kind...
  34. Replies
    15
    Views
    17,399

    How to block SSH tunneling ?

    Hi,

    could somebody please explain the SSH enforcement properly ? We have a rulebase which ALLOWS SSH. But we want to block SSH tunneling, not very clear from Smartdefense description how to do...
  35. Replies
    17
    Views
    5,655

    Re: Some info about exam

    Hi,

    I'll be taking this exam in about 1 month time. For now I'm studying mainly the official courseware book: "CPTS-CSPP-Accelerated-CCSE-R65". I have quite some years experience on checkpoint...
  36. Replies
    1
    Views
    1,552

    IP260 - Disk died ?

    Hi,

    just booted up a spare IP260, and get following messages:
    ....
    Loading kernel from BIOS_BOOT
    Loading master boot sector...
    Transferring control to the master bootstrap loader...
    Starting...
  37. Re: MS VPN from behind R62. Only 1 connection at a time...

    It should work with L2TP starting from NGX version, for PPTP, you need to enable the PPTP enforcement in Smartdefense. That should do the trick.
  38. Replies
    34
    Views
    10,052

    Re: R70 is finally here?

    If they really will phase out Nokia and IPSO in a few years, customers will be obliged to turn to another platform, and I suspect a lot of them will make the same analysis as we will do. If you need...
  39. Replies
    34
    Views
    10,052

    Re: R70 is finally here?

    Any word on R70 Nokia/IPSO support ? It looks like they're only talking about the Checkpoint appliances and open servers...
  40. Replies
    38
    Views
    11,204

    Re: R65 HFA40 released

    What about multi-core support ? HFA40 release notes state not supported, so people with multi-core deployed are in the "cold" aswell...
  41. Thread: NGX R65 book

    by joeri
    Replies
    1
    Views
    1,877

    Re: NGX R65 book

    As far as I know this book hasn't been published yet.
  42. Replies
    7
    Views
    3,329

    Re: Experience Firefly ?

    "I only wish I had side-by-side comparisons vs the new Nokia hardware", yep and even with other platforms, I think the Checkpoint community needs something like this... not the marketing talk but...
  43. Replies
    7
    Views
    3,329

    Re: Experience Firefly ?

    Thanks for all your replies so far, one of the things which is also worth considering is that all new features are "immediately" there, certainly looking at CoreXL, while with -non checkpoint...
  44. Replies
    7
    Views
    3,329

    Experience Firefly ?

    Hi,

    Anybody has experience with Checkpoint Firefly systems ?
    I'm looking for some good feedback on this, how do they compare to other systems, Nokia IP series, Crossbeam, Dell 2950's,...
    ...
  45. Replies
    22
    Views
    9,780

    Re: NGX Certifications

    Hi, just as notice, seems that Syngress will bring out an R65 version:

    Check Point NGX R65 Security Administration - Elsevier
  46. Replies
    26
    Views
    11,485

    Smartview monitor - 1 gateway disconnected

    Hi,

    we have 1 firewall which stays disconnected in smartview monitor, analysis:
    - mgmt traffic allowed in policy
    - policy push is OK
    - SIC is OK
    - logs are OK
    - with netstat mgmt ports are...
  47. Thread: R60_HFA05

    by joeri
    Replies
    34
    Views
    13,634

    Re: R60_HFA05

    Not able to find it on dbedit specific for gateway, I would assume that the option is there - even when gateways are not running HFA05.
    The global "out-of-state" is in there.

    I still need to...
  48. Thread: R60_HFA05

    by joeri
    Replies
    34
    Views
    13,634

    Re: R60_HFA05

    well, that's the problem ! it's still GLOBAL as before, not able to activate or de-activate it on a specific gateway...as the solution describes.
  49. Thread: R60_HFA05

    by joeri
    Replies
    34
    Views
    13,634

    Re: R60_HFA05

    Does anyone have an idea how you can get this activated:

    R60_05-24:
    Cannot globally allow out-of-state packets for a specific gateway.
    Install On: Gateway

    So we would be able to...
  50. Thread: R60_HFA05

    by joeri
    Replies
    34
    Views
    13,634

    Re: R60_HFA05

    Any news on R62 HFA01 ? Any target dates set ?
  51. Replies
    3
    Views
    1,759

    Re: Driver information in Nokia Ipso ??

    ipsctl ľa > out

    just put output of this cmd in a file, go through the file, there will be somewhere an interface part, that should containt all details.
  52. Replies
    3
    Views
    2,249

    Re: IP560 or IP1220 ?

    Well, floodgate will not be used. I'm really looking at this moment for performance and throughput, and the IP560 just looks more interesting. On PAPER (performance-throughput), the 560 looks to be a...
  53. Replies
    3
    Views
    2,249

    IP560 or IP1220 ?

    Hi,

    looking at the comparison sheet http://europe.nokia.com/NOKIA_BUSINESS_26/Europe/Products/Security_Products/sidebars/pdfs/Nokia_IPSecPlatforms_ProductMatrix_EMEA.pdf from Nokia, it seems that...
  54. Replies
    0
    Views
    1,536

    Sequence Verifier activated - but not logged ?

    Hi,

    We're experiencing following problem (on R55):

    -we see a huge amount of sequence verifier packets being logged through smartview monitor (systems counters - Smartdefense History)
    - we...
  55. Replies
    2
    Views
    3,623

    Re: How do I use L2TP clients with FireWall-1?

    Just for your information, in the meantime no statement from Checkpoint on this, anybody an idea ? Anybody that has this running (L2TP over HIDE NAT)?
  56. Replies
    2
    Views
    3,623

    Re: How do I use L2TP clients with FireWall-1?

    Hi,

    So this is about connecting directly with an L2TP client towards the firewall. How does the FW-1 behave with L2TP passthrough and HIDE NAT ?

    Have following problem:

    Internal Network...
Results 1 to 56 of 56