Support Center > Search Results > SecureKnowledge Details
R77.20.20 for Small and Medium Business Appliances Resolved Issues
Solution

The following issues have been resolved with Check Point R77.20.20 for 600 / 700 / 1100 / 1200R / 1400 Small and Medium Business (SMB) Appliances:

Table of Contents

  • Hardware and Configuration
  • VPN
  • Wireless
  • WebUI
  • System Tools
  • Security Reports
  • VoIP
  • DDNS
  • Clusters
  • Identity Awareness / Application Control / IPS / Anti-Virus
  • Routing
  • SNMP
  • Logging & Monitoring
  • Internet Connection
  • CPU
  • Command Line Interface (CLI)
  • SmartProvisioning
  • Anti-Virus
  • QoS

 

ID Symptoms
Hardware and Configuration
01936555 For 700 Appliances: When changing the linkspeed of a specific interface from manually chosen 10M/100M to auto-negotiation/1G, the linkspeed LED sometimes turns yellow. This does not indicate an error.
01933368 For 700 Appliances: Choosing the manual link speed of 100M on the LAN ports sometimes causes the speed LED to be turned off instead of showing the correct color.
01883502 In 1200R appliances, netstat configuration commands from CLISH fail and show a "no routing information" error message.
01916019 When NTP is configured, rebooting may cause a short period of time misalignment.
VPN
01932465 For 700 Appliances: When an Internet connection is created through the DMZ interface, the status sometimes shows "cable disconnected" for a few seconds before the correct status is displayed, even though a cable is connected.
01983752 When a remote site is configured by the hostname, the tunnel does not always re-establish after an IP address change.
01804911 The VPN tunnel disconnects when the primary internet connection is down, even when there is a secondary internet connection.
01933754 When VPN is configured with a 3rd party gateway, "packet malformed" messages sometimes appear.
01929203 When a gateway is configured to route all traffic to a remote VPN site, the gateway does not negotiate a universal tunnel.
Wireless
01911007 For 700 Appliances: After manually configuring the channel width for the wireless radio n the wireless models of the 730/750 appliances, you must reboot the appliance.
01842370 The user cannot set MTU to the wireless network.
WebUI
01899593,
01918191,
01904327,
01918207
For 700 Appliances: The progress bar "Appliance will be up in X seconds" on the "Device" tab -> "System Operations" page -> "Reboot" page shows a longer time than it actually takes the appliance to boot.
01911674 On locally managed devices, if you create a rule with a right-click over another rule, the new rule always appears at the bottom of the Rule Base even if you select other options.
01393904 Locally managed devices miss statistical information for POP3 Anti-Virus and Anti-Spam inspection.
System Tools
01926464,
01965745
For 700 Appliances: The CPU Usage shows only one of the CPUs on "Home" tab -> "Tools" page - "Monitor System Resources" page.
Security Reports
01866519 Local security reports do not show data when the Internet connection is configured for Load Balancing.
VoIP
01964730 In VoIP SIP protocol inspection, NAT does not work correctly.
01959884 Media (RTP) does not pass over VoIP call initiated from Cisco Unified Communications Manager (CUCM) v8.6.2 to Media Gateway through Check Point Security Gateway. Refer to sk93034.
DDNS
01970349 The DDNS configuration does not allow the use of the "-" character.
Clusters
0195879 When a cluster is defined with OSPF, repeated debug messages such as "OspfClusterTransition(3504): slave to slave event ignoring" are shown in certain scenarios.
Identity Awareness / Application Control / IPS / Anti-Virus
01989113,
01910074
Some HTTPS websites are marked as uncategorized when the "Categorize HTTPS websites" feature is enabled in APPI engine settings. Refer to sk110475.
01951586,
01976802
IPS signature updates on locally managed appliances cause high memory usage.
01971478 Anti-Virus blade POP3 scans do not use the Transparent proxy mode.
01846813 When the user performs inspection over HTTPS (either URLF only or a full inspection), sporadic user space core appears
01865683 The configuration of "Browser transparent Single Sign-On" under Identity Awareness -> Browser-Based Authentication in SmartDashboard is not supported in centrally managed devices.
01854068 "Intrusion Prevention (IPS)" blade on Centrally Managed 1100 appliance is shown as "ON" when installing policy in R80 SmartConsole, although IPS blade is disabled in the 1100 appliance object.
Refer to sk112379.
Routing
01860169 When the RIP dynamic routing protocol runs in specific scenarios, too many system logs are created.
01926619 When dynamic routing is configured, an "Unable to open '/dev/fw6v0'" message sometimes appears in the /var/log/messages file.
01895825 Memory leak in routed process on the active cluster member when routed sync connection is re-established by the standby member.
01964545 If RIP dynamic routing protocol is configured, the routed daemon may crash when the appliance is rebooted.
01845664 When the PIM dynamic routing protocol is configured, multicast traffic is dropped.
SNMP
01885145,
01883664
SNMP traps cause a memory issue in specific scenarios.
Logging & Monitoring
01980139 Locally generated reports on the gateway fail to show the top potentially high-risk applications in the table.
01865541 "Low memory" system log warning is sometimes shown after a service blade update. This message can be safely ignored.
Internet Connection
01864255,
01867028
The user cannot connect to the internet when ADSL is configured with EOA and DHCP.
CPU
01961596 Too frequent anti-malware update checks may cause a high CPU.
01965212, 02000843 If the Check Point User Center has a data mismatch due to the cache, this causes a high CPU and frequent license checks when the user browses to the License page in the web application.
Command Line Interface (CLI)
01870580 When network objects are configured locally on the appliance, the show configuration command sometimes fails.
01915706 When the fw monitor command is used, this error message appears: "fw_mtcounter_get_value: could not abtain counter id..."
SmartProvisioning
01963225,
01963249
The option to configure the Security Management Server's IP address on the gateway side does not work when the Management Server uses SmartProvisioning.
Anti-Virus
01855817 The user cannot create custom file extensions to configure specific actions in the Anti-Virus blade in locally managed appliances.
QoS
01689471 Accelerated mode for QoS, as described in sk98229, is not supported for 600/1100/1200R appliances - starting from R77.20.20, accelerated QoS is supported and active by default.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment