Tag: Checkpoint

News

What is CoreXL & SecureXL

CoreXL: Technology that makes use of multiple processor cores SecureXL: Connection acceleration technology (both throughput and connection establishment) SecureXL is an acceleration solution that maximizes the performance of the Checkpoint Firewall. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. This is […]

Tags Checkpoint, CoreXL, Networking

How-To Software Technical

Check Point Firewall: Disconnect VPN or Mobile Access Clients

Post author By jermsmit
Post date October 31, 2018
No Comments on Check Point Firewall: Disconnect VPN or Mobile Access Clients

If you have a need to disconnect a user from the firewall forcibly. There are a few ways I am aware of that will force users off the VPN. Installing Security Policy (link)- clears the cached authentication of the remote user, although this doesn’t seem to disconnect them it prompts them to re-enter credentials. Expire […]

Tags Check Point, Checkpoint, CheckPoint Mobile, Mobile Access Clients, R77.80, Security, SmartView Monitor, VPN

How-To Technical

Check Point: Enable SSL Encryption for LDAP Accounts

Post author By jermsmit
Post date December 18, 2017
No Comments on Check Point: Enable SSL Encryption for LDAP Accounts

Background: Check Point users faced an issue when they wanted to change their expired passwords when logging into to the VPN via the SecureClient. Although they had been prompted to change password their attempts were not successful. I did some investigation into this and discovered that SSL needs to be allowed for LDAP communication for […]

Tags Check Point, Checkpoint, encryption, firewall, howto, LDAP, Security Gateway, VPN

How-To Personal

Tech Short: Capturing packets on Checkpoint

Post author By jermsmit
Post date August 24, 2017
No Comments on Tech Short: Capturing packets on Checkpoint

I’ve recently found myself capturing network traffic to troubleshoot reported issues. To successfully capture packets the use of tcpdump is required. And while you may be familiar with using this tool, the use is slightly different on Checkpoint devices. The devices in this reference is Checkpoint R77.30 and R80 devices. To capture the correct network […]

Tags Checkpoint, Checkpoint R77.30, fwaccel, R77.30, SecureXL, tcpdump, wireshark

How-To Software Technical

Tech Short: Debug VPN in Checkpoint R77.30

Post author By jermsmit
Post date August 24, 2017
No Comments on Tech Short: Debug VPN in Checkpoint R77.30

The following tech short will provide a list of commands used to enable debugging in Checkpoint’s R77.30 Firewall. To start you must SSH into firewall host (or active member). To turn on VPN debug from the expert mode: # vpn debug trunc At this point you want to test your VPN connection and verify that […]

Tags Check Point, Checkpoint, Debug, howto, IKEView, Notepad ++, R77.30, Tools, VPN, VPN Debug

How-To Software Technical

Restore of Checkpoint Fails with “The following hotfixes seem to be missing”

Post author By jermsmit
Post date April 6, 2017
2 Comments on Restore of Checkpoint Fails with “The following hotfixes seem to be missing”

Ran into a slight snag when attempting to restore a production backup into a VM(*VMware*) image of Checkpoint R77.30. I was using the Gaia WebUI to restore image returns a message: “The following hotfixes seem to be missing”. The message points me to a log file located under /tmp/ which indicates missing updates to the firewall […]

Tags Backup, Checkpoint, firewall, Gaia, R77.30, Restore, SSH, VMware