Support Center > Search Results > SecureKnowledge Details
R77.20.40 for Small and Medium Business Appliances Resolved Issues
Solution

The following issues have been resolved with Check Point R77.20.40 for 600 / 700 / 1100 / 1200R / 1400 Small and Medium Business (SMB) Appliances.

For more information, see the Check Point R77.20.40 for Small and Medium Business Appliances Home Page, Check Point 600, Check Point 700, Check Point 1100, Check Point 1200R and Check Point 1400 Appliance Product Pages.
You can also visit our 2012 Models Security Appliances forum, Small and Medium Business Appliances forum or any other Check Point discussion forum to ask questions and get answers from technical peers and Support experts.

Table of Contents

  • General
  • FireWall
  • VPN
  • IPS
  • Anti-Malware
  • HTTPS Inspection
  • Identity Awareness
  • SmartProvisioning
  • SSL Network Extender
  • Internet Connection
  • Command Line Interface (CLI)
  • SNMP
  • Manual Routing
  • Dynamic Routing

 

ID Symptoms
General
02333781 In Locally Managed appliances, a configuration change in the value of "Disable inspection for this service" for the SIP built-in service objects is not preserved after an upgrade.
02338317,
02339336
Transparent Portal authentication/ Single sign on (SSO feature is not supported on Check Point 1400 Appliances.
Refer to sk113237.
FireWall
02331689 In Locally Managed appliances, a FireWall "Block" rule that matches a user group in the "Source" causes connectivity issues.
VPN
01853107 You cannot use a pre-shared secret to connect through Site-to-Site VPN to a remote VPN site configured with a hostname. A certificate is required.
02296773 A Locally Managed appliance, defined as a Satellite in a Star community (not a Centrally Managed gateway defined with Permanent Tunnels on specific tunnels in the community) does not create the Permanent Tunnels correctly.
Another condition for failure is when "Route all traffic" is configured through the Center gateway.
02325998 In Locally Managed appliances, the automatic mechanism to calculate the local encryption domain does not exclude the peer's configured encryption domain, if there is an overlapping between its IP address ranges and local networks.
02169575 When VTI interfaces are used, Anti-Spoofing creates connectivity issues on traffic through route-based VPN. 
IPS
02274939 In Locally Managed SMB appliances, IPS logs show an irrelevant rule number field.
02343071 POP3 Login causes an informative IPS log on an event. This interferes with the IPS log analysis.
Anti-Malware
02335522 The malware event counter in reports shows a higher number than the number of logged events, due to a connectivity error caused by queries to Check Point ThreatCloud.
HTTPS Inspection
02312413 A rare timing issue can cause a temporary failure in the CRL cache mechanism.
Identity Awareness
02159202 When configuring a custom certificate for Browser-Based Authentication in Centrally Managed appliances (Identity Awareness pane -> Browser-Based Authentication section -> click on Settings... button -> in the Access Settings section, click on Edit... button -> in the Certificate section, click on Import... button), the certificate does not apply to Dynamic Address (DAIP) gateways.
SmartProvisioning
02278094 When managed by SmartProvisioning, the gateway status is sometimes shown as "Not responding" or "Unknown", although the gateway is responsive and up to date. Refer to sk110536.
SSL Network Extender
01867986 Internet Explorer 11 on Windows 10 does not support centrally managed SNX.
Note: to successfully connect to remote access through SSL Network Extender (SNX), a desktop must have JAVA installed.
Internet Connection
02325764 In 700 / 1200R / 1400 appliances, there is sometimes a connectivity issue if you use two dialer-type Internet connections to define a dual internet connection.
02041261 Throughput in Network Activity does not change on SMB appliances. Refer to sk112373
Command Line Interface (CLI)
02332686 You cannot use Gaia Clish to add an Internet connection of the type "analog cellular modem".
02170118 The "ckp_regedit" command fails in Expert mode.
02346449 In the Gaia Clish command "set bgp", the parameter name "graceful-restart-helper" is wrong. The correct parameter name is "graceful-restart".
02164110 The CLISH command "add server name" fails to to create a server object when using "udp-ports." 
SNMP
02342534 In some networks, the SNMP daemon has a high memory usage.
Manual Routing
02127758 Manual routing rules to specific internet connections fail if the internet connection name contains spaces.
Dynamic Routing
02267702 When dynamic routing is configured, after the appliance reboots it may appear as if there is a crash in the routing daemon. This is not a functional issue as the daemon is restored by a watchdog mechanism.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment