Table of Contents

• What's New in Check Point R75.20 HFA 65 for 600 / 1100 Appliance and Security Gateway 80
• Check Point R75.20 HFA 65 Downloads
• Check Point R75.20.x Documentation
• Check Point R75.20 HFA 65 Enhancements
• Check Point R75.20 HFA 65 Resolved Issues

 

For more information, see the Check Point 1100 Appliance Product Page and Check Point 600 Appliance Product Page. You can also visit our 2012 Models Security Appliances forum or any other Check Point discussion forum to ask questions and get answers from technical peers and Support experts.

Important Note: This may not be the latest firmware release. To see the latest firmware release, refer to sk97766.

What's New in Check Point R75.20 HFA 65 for 600 / 1100 Appliance and Security Gateway 80

Note: R75.20 HFA 65 should not be installed on appliances connected to Cloud Management.

• Support for 1100 to be managed by SMP R11 and above
• Support of new 3G/4G modems
• Quality improvements

Check Point R75.20 HFA 65 Downloads

Note: To download these packages you will need to have a Software Subscription or Active Support plan.

• R75.20 HFA 65 image for 600 / 1100 Appliance and Security Gateway 80
• Check Point 1100 Appliance R75.20 HFA 65 package for SmartUpdate

 

Check Point R75.20.x Documentation

• Check Point 1100 Appliance Administration Guide for Centrally Managed Deployment
  
• Check Point 600 Appliance Administration Guide
  
• Check Point 1100 Appliance Administration Guide for Locally Managed Deployment
  
• Check Point 1100 and 600 Appliances CLI and Advanced Routing Administration Guide

 

Check Point R75.20 HFA 65 Enhancements

The following enhancements were incorporated into Check Point R75.20 HFA 65 for 600 / 1100 Appliance and Security Gateway 80:

ID	Symptoms
Networking
01407997	Added support for multiple GRE sessions behind hide-NAT (for external PPTP servers).
01405622	Added support for this 4G modem: 4G/LTE Netgear 341 U.
01408758	Added support for these 3G modems: WM 320, MF120, k5150, E173.
01429651	Added support for this 3G modem: ZTE MF 120.
Configuration
01412535, 01401228	Added support for the 1100 Appliance to be managed by the Security Managmement Portal (SMP R11 and up).

Check Point R75.20 HFA 60 Resolved Issues

The following issues have been resolved with Check Point R75.20 HFA 65 for 600 / 1100 Appliance and Security Gateway 80:

Table of Contents

• Networking
• Configuration
• VPN
• WebUI
• CLI
• Anti-Spam
• High Availability

ID	Symptoms
Networking
01441484	The cpinfo utility hangs when an L2TP internet connection is on.
01424020	When disabling the WAN interface and DHCP is in Relay mode, DHCP stops serving requests.
01425708	No access to the internal network when connecting with SSL Network Extender.
01447517	In some cases SNMP replies with an incorrect sysName.
Configuration
01402972	When adding a static route with a specific source address and service the route is not applied.
01422026	Custom URLs defined with an asterisk (*) do not work in some scenarios. If there are multiple URLs defined in the same application, they may not be matched. Refer to sk101224.
01338367	SmartConsole does not support configuring VLAN on the WAN interface of 1100 Appliances.
01414325	An internal Firewall policy rule that is set with "Encrypted traffic only" is not matched on Remote Access traffic.
01402588	Rules with domain objects are randomly bypassed when there are many rules containing domain objects.
01420624	When a LAN-to-WAN bridge is configured before the appliance is connected to Security Management server and SIC is established, traffic coming from Internet is considered Internal and not scanned.
01446194, 01456889	DHCP option 43 (vendor-encapsulated-option) is not supported by the local DHCP server.
01426668	When adding a static route it does not show in the Tools > Show Routing Table.
VPN
01217687	An 1100 Appliance configured as a DAIP gateway behind NAT fails to establish a VPN connection with a cluster peer whose main IP is internal.
01406916	When a peer device is behind NAT, the VPN tunnel test fails when the tunnel is up.
01423710	Centrally managed 1100 DAIP gateway managed by SmartLSM encounters issues during IKE negotiation of VPN connections in specific scenarios.
01395928	A Site-to-Site VPN connection cannot be established between an 1100 Appliance and an R75.40 gateway when the certificate key size is 4096 bit.
01396878	A Site-to-Site VPN connection cannot be established between a 600/1100 Appliance and an R75.40 gateway due to a 'Certificate unavailable' error.
WebUI
01399286	The Cloud Services page does not load after disconnecting the gateway from the Security Management Portal.
01402279	In some scenarios, the Status information in the Status Bar is not visible.
01413821	When changing DNS settings from "Use DNS servers configured for the active internet connections" to "Configure DNS servers", the Static IP option is no longer available in the WebUI.
CLI
01440390	The "admin-access" command does not work properly.
01395208	After adding an internal BGP peer on a 600/1100/Security Gateway 80 Appliance you cannot edit the internal BGP peer configuration. Refer to sk101433.
Anti-Spam
01410251	When Anti-Spam is enabled, SMTP/POP3 traffic might be hide-NATed behind the gateway even though hide NAT is not configured.
High Availability
01399443	When an appliance is configured with: cluster, Internet connection with ISP redundancy HA mode, monitored by cluster, hide NAT and there is a connection from the internal network to the Internet, the local network IP address is used as a connection source and not the cluster VIP IP address.

This solution is about products that are no longer supported and it will not be updated