LTE (Long Term Evolution), marketed as 4G LTE, is a standard for wireless communication of high-speed data for mobile phones and data terminals. This solution describes the LTE hotfix above R77.10 for Telco and LTE carriers market.
- Firewall-1 GX support including GTPv0 / GTPv1 and GTPv2
- GTP CoreXL support
- GTP signaling rate limit
- SCTP inspection and acceleration
- Diameter inspection
- Syslog support including "Syslog in Kernel"
- VPN-1 functionality for S1 interface
- MSS adjustment
- Stateful NAT64
- NAT64 Static
- Stateless NAT46
- Large Scale VPN
R77.10 LTE Hotfix can be installed only on top of R77.10 Factory Image. Refer to R77.10 LTE Hotfix Release Notes.
Note: If you have previously installed any hotfixes on top of your current version, then contact Check Point Support before applying this R77.10.LTE Hotfix to verify that it is compatible with your environment.
If R77.10 LTE Security Gateway is managed by a Management Server without LTE Hotfix, then a specific kernel parameter should be enabled on R77.10 LTE Security Gateway.
Follow sk26202 - Changing the kernel global parameters for Check Point Security Gateway to permanently set the value of kernel parameter gtp_allow_bc_ver_entry to 1 (one):
- Connect to command line on R77.10 LTE Security Gateway (over SSH, or console).
- Log in to Expert mode.
- Permanently set the value of kernel parameter gtp_allow_bc_ver_entry to 1:
- Create the $FWDIR/boot/modules/fwkern.conf file if it does not exist:
[Expert@HostName]# touch $FWDIR/boot/modules/fwkern.conf
- Edit the $FWDIR/boot/modules/fwkern.conf file in Vi editor:
[Expert@HostName]# vi $FWDIR/boot/modules/fwkern.conf
- Add the following line (spaces are not allowed):
- Save the changes in the file and exit from Vi editor.
- Check that the value was set for the 'gtp_allow_bc_ver_entry' parameter:
[Expert@HostName]# grep "gtp_allow_bc_ver_entry" $FWDIR/boot/modules/fwkern.conf
- Reboot the R77.10 LTE Security Gateway.
- Verify that the value of kernel parameter was set to 1:
[Expert@HostName]# fw ctl get int gtp_allow_bc_ver_entry
The output should be: gtp_allow_bc_ver_entry = 1
This solution is about products that are no longer supported and it will not be updated