Support Center > Search Results > SecureKnowledge Details
R77.20.87 for Small and Medium Business Appliances Technical Level
Solution

This article applies to Check Point 700 / 1400 / 910 Small and Medium Business (SMB) Appliances.

Table of Contents

  • What's New in Check Point R77.20.87 for SMB Appliances
  • Supported Appliances
  • Downloads
  • Released Hotfixes
  • Resolved Issues
  • Enhancements
  • Known Limitations
  • Documentation
  • Revision History 

For more information, refer to the following Product Pages: Check Point 700Check Point 1400 and Check Point 910.

Visit Check Point CheckMates Community to ask questions, start a discussion, and get expert assistance.

Important Note: This may not be the latest firmware release. To see the latest firmware release, refer to sk97766.

What's New in Check Point R77.20.87 for SMB Appliances?

    • Gateway support for WatchTower Mobile App notification in Hebrew, German, Spanish, Japanese, French and Portuguese.
    • Gateway support for SMP Email Notifications
    • Stability and security fixes

    Supported Appliances

    The supported appliances are:

    • 700
    • 910
    • 1400

     

    Downloads

    Important Note: Check the MD5 string before installing the downloaded file.

    Important Note: To download these packages, you will need a Software Subscription or Active Support plan.

    Build 990173120 is the latest R77.20.87 Jumbo Hotfix Accumulator General Availability release that can be directly downloaded from this article. 

    Download Package 700 Appliance 910 Appliance 1400 Appliance
    R77.20.87 Image (IMG) (IMG) (IMG)
    R77.20.87
    package for
    SmartUpdate    		 For R80.x SmartUpdate
    (TGZ)
    R77.30 SmartUpdate and SmartProvisioning
    (TGZ)

     

    Released Hotfixes

    R77.20.87 Jumbo Hotfix Accumulator is available in sk153433.

     

    Resolved Issues

    The table below lists the resolved issues in R77.20.87:

    ID Description
    General
    SMB-8547 In locally managed mode, route-based VPN tunnels might fail to establish.
    SMB-8568 Restore settings from file operation fails.
    SMB-9190 When Identify Awareness and Threat Prevention are both enabled, the 'sfwd' process might crash periodically, causing issues such as not being able to access the Security Logs page in the WebUI.
    SMB-9227 Added a CLI option for "keep-connections-open-after-policy-installation" for UDP/TCP services.
    SMB-9352,
    SMB-9397,
    SMB-9398    		 When a WAN-LAN bridge is configured, infected hosts do not appear in reports.
    SMB-9377 Implemented a stronger admin password hash algorithm than the one present in version R77.20.85 and higher. Refer to sk155172
     SMB-9232 The user cannot configure Gateway load thresholds in the WebUI. Applying threshold settings results in an "Unknown field" error. Refer to sk154132
    SMB-8971 Added support for SNMP OID 1.3.6.1.4.1.2620.1.1.30.1 and its matching trap OID 1.3.6.1.4.1.2620.1.2000.7.2 that indicates connection to the Log Server.
    SMB-8980,
    SMB-9299    		 In centrally managed appliances, the Gateway cannot pull the SSL Network Extender package from the User Center.
    SMB-8917 Corrected incorrect description for trap OID 1.3.6.1.4.1.2620.1.2000.1.2: Trap is triggered upon VLAN removal and not 'Interface unassigned.'"
    SMB-9298 When you attempt to import an internal CA that uses the ECDSA algorithm (e.g., ECC), the process fails and the core is generated. Refer to sk154152.
    SMB-9427 In specific scenarios, the WebUI did not load properly on Internet Explorer 11, Windows 7.
    SMB-9637 When activating Identity Sharing on a centrally managed appliance, the pep and pdp daemons may not respond.

     

    Enhancements

    ID Description
    General
    SMB-9204 Added a new advanced option in locally managed appliances ("Connection Persistence") which prevents VPN disconnections after changing any VPN-related configuration. Refer to sk155352.

     

    Known Limitations

    The table below lists known limitations in R77.20.87:

    ID Description
    General
    SMB-9039 When the user changes the WebUI access port, the Reach My Device service only works after rebooting. Therefore, connected WatchTower applications are not able to reach the gateway.
    SMB-9214 In rare cases, a new installation may have a problem with the internal CA certificate in the Security Gateway/cluster object, which causes an error message "This site can't be reached" to appear when trying to connect to the captive portal (user check portal, internal CA portal, browser based authentication portal).

    Solution: Renew the internal CA certificate.

     

    Documentation

    Release Notes
    R77.20.87 SMB Release Notes
    User Guides
    R77.20.87 700/900 Appliance Administration Guide
    R77.20.87 1400 Locally Managed Appliance Administration Guide
    R77.20.87 1400 Centrally Managed Appliance Administration Guide
    R77.20.87 700/900/1400 Appliance CLI Guide
    Related Solutions
    sk153433: Jumbo Hotfix Accumulator for R77.20.87
    sk97766 - Check Point 600 / 1100 / 1200R / 700 / 1400 / 910 Appliances Releases
    sk105380 - Check Point R77.20 for 600 / 700 /1100 / 1200R / 1400 / 910 Appliance Known Limitations

     


    Revision History

    Show / Hide this section
    Date Description
    15 Dec 2020 Release of Build 990173072
    03 June 2019 Release of Build 990172929 for R77.20.87 image.
    12 May 2019 First release of this document. 

    Give us Feedback
    Please rate this document
    [1=Worst,5=Best]
    Comment 

    SECURE YOUR EVERYTHING

    ©

    Copyright | Privacy Policy
    Follow Us