Packets do not go through the ZeCo Buffer when MTU larger than 4096 (for Jumbo Frames) is configured on VSX interface(s) with the "set interface IFNAME mtu VALUE
" command.
This problem was fixed. The fix is included in:
For other supported versions, Check Point Support can supply a Hotfix.
A Support Engineer will make sure the Hotfix is compatible with your environment before providing the Hotfix.
For faster resolution and verification, please collect CPInfo files from the Security Management Server and Security Gateways involved in the case.
Hotfix installation instructions:
-
Hotfix has to be installed on VSX Gateway running on Gaia OS.
Notes:
- In cluster environment, this procedure must be performed on all members of the cluster.
- The hotfixes must be installed in the given order - 1) SecurePlatform, 2) FW1
- The hotfixes must be uninstalled in the given order - 1) FW1, 2) SecurePlatform
-
Install the hotfix packages using Legacy CLI:
Note: On these versions of VSX, the CPUSE does not support installation of hotfixes (refer to sk92449 - section "(2)" - "VSX Gateways").
-
Transfer the two hotfix packages to the machine into two separate directories:
- FW1 package (fw1_wrapper_<HOTFIX_NAME>.tgz) into e.g., /path_to_FW1_fix/
- OS package (SecurePlatform_<HOTFIX_NAME>.tgz) into e.g., /path_to_OS_fix/
-
Unpack and install the OS hotfix (must install the "OS hotfix" before the "FW1 hotfix"):
[Expert@HostName]# cd /path_to_OS_fix/
[Expert@HostName]# tar -zxvf SecurePlatform_<HOTFIX_NAME>.tgz
[Expert@HostName]# ./SecurePlatform_<HOTFIX_NAME>
Note: The script will stop all of Check Point services (cpstop) - read the output on the screen.
-
Do NOT reboot yet.
-
Unpack and install the FW1 hotfix package (must install the "FW1 hotfix" only after the "OS hotfix"):
[Expert@HostName]# cd /path_to_FW1_fix/
[Expert@HostName]# tar -zxvf fw1_wrapper_<HOTFIX_NAME>.tgz
[Expert@HostName]# ./fw1_wrapper_<HOTFIX_NAME>
Note: The script will stop all of Check Point services (cpstop) - read the output on the screen.
-
Reboot the machine.
Applies To:
- 01657585 , 01860570 , 01917226 , 01680274 , 02363044 , 02344528 , 02311159 , 01956929 , 01678564 , 02503000 , 02479929 , 02351065 , 01872075 , 01862924 , 02413573 , 02380897 , 01868068 , 02491066