Support Center > Search Results > SecureKnowledge Details
R77.20.31 for Small and Medium Business Appliances Resolved Issues
Solution

The following issues have been resolved with Check Point R77.20.31 for 600 / 700 / 1100 / 1200R / 1400 Small and Medium Business (SMB) Appliances:

Table of Contents

  • VPN
  • Networking
  • WebUI
  • Rule Base
  • Anti-Virus / Anti-Spam
  • Dynamic Routing
  • High Availability
  • SmartProvisioning
  • QoS
  • General

 

ID Symptoms
VPN
02058499
In locally managed appliances, if you turn off the "Categorize sites over HTTPS" feature, it causes a VPN remote access client disconnection
01571378 In centrally managed appliances, when the appliance takes part in site-to-site VPN with route all traffic, access to SSH and WebUI fails.
Workaround: Exclude these services manually on the VPN community. 
Networking
02044198
In 770/790/1470/1490 appliances, you cannot create tag-based VLANs on LAN ports LAN9 - LAN16.
01834058 Dialer (PPP) internet connection cannot be configured with a password of more than 15 characters. 
01981961 In the 600/1100/1200R appliances, a kernel panic occurs if you define a bridge that includes the wireless network, and the DMZ and WAN interfaces.
01629097 Unnumbered VTI is not supported in 1200R appliances. 
01678009 When trying to add a disabled LAN interface to a bridge, the operation fails with an irrelevant message about wireless.
Workaround: enable the LAN interface before adding it to the bridge. 
01852927  "FWLOG: [XXXXX] WHAL_ERROR_RESET_*" error message sometimes appears in dmesg for wireless appliances. This message can be safely ignored.
01999202  The 700/1400 appliances' reboot time is shorter than the time some ISPs take to reach a timeout and allow the dialer to reconnect. As a result, it might take a few minutes for this type of Internet connection to be back up after reboot if the power was quickly disconnected and reconnected again, or the device rebooted for another reason.
02016282  While connected to 700 appliance using Windows 8/8.1 integrated Remote Access Client, it is possible to access Internal resource, but WebUI/SSH on 700 appliance are not accessible.
Refer to sk111139
WebUI
02009224
In local WebUI statistics for the Security Software Blades, the firewall statistics sometimes show "show 0 dropped packets."
02062968  You cannot configure DHCP reservation on server objects through the local WebUI. 
Refer to sk111961
02032051 "Periodic backup is off" message in local WebUI even when the configuration in the SMP is set to enable periodic backup. The Periodic Backup function still functions correctly.
02015566 Dialer passwords cannot use more than 15 characters even though at times up to 64 characters are needed. 
Rule Base
01989090
In locally managed appliances, the "Block" action in the Rule Base cannot be configured to silently drop traffic from external sources.
Anti-Virus / Anti-Spam
02064825
In locally managed appliances, a "Bypass - General Error" accept log is sometimes created on POP3 traffic when Anti-Spam is active.
Dynamic Routing
01611633
The "show ospf neighbors" CLISH command is not available. The only available command is "show ospf neighbors detailed".
02012852, 02015172  PPPoE Tunnels Abort RouteD Daemon When Sharing The Same Peer Gateway on 600/1100 Security Appliance. Refer to sk110938
High Availability
02027168  An SNMP query to OID .1.3.6.1.4.1.2620.1.5.2.0 shows "HA installed" even when the device is not in cluster mode 
SmartProvisioning
02041680  For centrally managed devices, the default PA_admin mode is incorrect. This causes SmartProvisioning to show "maintenance mode" even though the device is up.
QoS
02031845  In centrally managed Small Office appliances, if the QoS blade is activated, the fetch QoS policy does not work if the Security Management server is behind NAT. Locally overriding the Management IP address also does not affect the QoS policy fetch.
General
02049893
In 1200R appliances, when downloading a firmware file through Chrome, the ".img" extention is automatically changed to a ".gz" extension. The WebUI does not accept a ".gz" or ".tgz" file for upgrades.
Applies To:
  • This solution supersedes the R77.20.30 firmware and includes a stability fix

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment