Support Center > Search Results > SecureKnowledge Details
Check Point R80.30 with Gaia 3.10 Technical Level

Check Point Default version widely recommended for all deployment is R81.10 Take 335 with the latest Jumbo Hotfix Accumulator GA Take.
For more info on all Check Point releases, refer to Release map and Release Terminology articles.

Table of Contents:

  • Introduction
  • Key Features
  • Supported Platforms
  • Downloads
  • Resolved Issues
  • Known Limitations
  • Documentation


R80.30, part of the Check Point Infinity architecture, delivers the most innovative and effective security that keeps our customers protected against large scale, fifth generation cyber threats.

This release introduces R80.30 3.10 for Security Gateway and VSX, with major enhancements in firewall resiliency and Clustering mechanism.

This release is considered as a Main Train release, however it is not part of the Check Point R80.30 Release and requires a dedicated image. Note it can be managed by a Check Point R80.30 Security Management Server, which already supports the 3.10 kernel.

Starting August 2019 this release will be supported by a Jumbo Hotfix Accumulator release for both R80.30 3.10 and standard R80.30 versions.

R80.30 3.10 can be managed by the following Security Management Server releases:

Contact Check Point Support to obtain a special Hotfix for R80.10 and R80.20 based on your current Jumbo Hotfix Take.

Key Features

    • Improved firewall resiliency
    • Support for IPv6 (resolving R80.20 3.10 limitations)
    • Support for Dynamic CLI - Enhancing Gaia Clish with new Expert mode commands. See sk144112.
    • Clustering and VSX capabilities:
      • Unicast support for Cluster Control Protocol eliminating the need for CCP using Broadcast or Multicast modes
      • MAC magic configuration is no longer needed
      • CCP encryption is enables by default
    • New kernel capabilities:
      • Upgraded Linux kernel
      • New partitioning system (gpt):
        • Supports more than 2 TB physical/logical drives
      • Faster file system (XFS, see sk141432)
      • Supporting larger system storage (up to 48 TB tested)
      • I/O related performance improvements
        • Multi-Queue (see sk153373):
          • Full Gaia Clish support for Multi-Queue commands
          • Automatic "on by default" configuration
        • SMB v2/3 mount support in Mobile Access blade
        • Added NFSv4 (client) support (NFS v4.2 is the default NFS version used)
        • Support of new system tools for debugging, monitoring and configuring the system:
          • iotop (provides I/O runtime stats)
          • lshw (provides detailed information about all HW)
          • lsusb (provides information about all devices connected to USB)
          • lsscsi (provides information about storage)
          • ps (new version, more counters)
          • psmisc (new version, more counters)
          • top (new version, more counters)
          • iostat (new version, more counters
      • New glibc: glibc-2.17-157
      • New ethtool: ethtool-4.8-7
      • New Bash: bash-4.2.46-29
      • lbzip2 support (free, multi-threaded compression utility)
      • xz support (compression utility)
      • rsync support 


    Supported Platforms

    Product Details
    3600 and 3800 appliances Refer to sk110052.
    6200, 6600, 6900, 
    6400, 6700, 7000 appliances
    Refer to sk139932
    16000, 26000 and 28000 appliances 26000/26000T, 16000/16000T, 28000
    23000 appliances  23800, 23900
    • VMWare
    • KVM
    • Hyper-V
    • AHV
    • AWS
    • Azure
    • Google Cloud Platform
    Open Servers  Refer to the Hardware Compatibility List.



      Take # Date Clean Install CPUSE Upgrade
      Take 300

      23 September

       (ISO)  (TGZ)
      Take 47 13 January 2020  (ISO) N/A
      Take 320 21 May 2020  (ISO) N/A
      N/A 15 June 2020  (ISO) N/A


      Also see sk153152 - Jumbo Hotfix Accumulator for R80.30 (R80_30_jumbo_hf)

      Note: Starting from Take 50 of R80.30 Jumbo Hotfix Accumulator:


      Resolved Issues

      R80.30 with Gaia 3.10 Take 300
      ID Description
      GAIA-6457 In a rare scenario, memory leak appears when sending fragmented Multicast traffic
      GAIA-5914 Drop templates are not disabled for USFW (User space Firewall mode).
      GAIA-6172 In some scenarios, a new hotfix installation via CPUSE fails on VSX. Refer to sk159713
      GAIA-5883 In rare scenario, when configured as a proxy/ICAP client, a Security gateway may crash when using HTTPS Policy Categorization. 
      GAIA-6397 In some scenarios, traffic does not pass in VSX setup with VS-VSW-VS topology and some Threat prevention blades enabled on VSs. 
      GAIA-6324 In some scenarios, sending IP fragmented traffic through a Virtual Switch or Virtual Router fails with "Virtual defragmentation error".
      In a rare scenario, when SecureXL is enabled, a VSX gateway may crash. Refer to sk160912.
      In some scenarios, a remote client disconnects after one hour although the session is not idle. Refer to sk160213.
      GAIA-6383 Improved scalability and resiliency of URL Filtering service. 
      On cluster, Drop templates are disabled on reboot. Refer to sk153412



      Known Limitations

      ID Description
      - Stand-Alone deployment supported only in 3600/3800/6200/6400/6600/6700/6900/7000 appliances.
      - Connеctivity upgrade is not supported.
      DP-6242 To enable a CPUSE upgrade from gogo_heat_188_main to R80.40 or R81, do the following:
      1. Run 'touch /var/tmp/allow_r80_40_new_upgrade'
      2. Initiate CPUSE upgrade. 
      GAIA-3380 The 'raid_diagnostic' utility does not work for open servers. 
      GAIA-2649 On CloudGuard for AWS, the 'ethtool -G' command is not supported.
      GAIA-2648 On CloudGuard for Azure, the 'ethtool -G' command is not supported. 
      GAIA-2650 On CloudGuard for AWS, speed and duplex information is not available when using the ethtool. 
      GAIA-3205 Cannot change interface link speed to 1000MB after it is changed to 100MB.
      GAIA-3180 On HP Open servers with onboard NIC, Interface status in the switch might show as "Connected" even though the state in Gaia is OFF.
      GAIA-3345 Changing the MTU on the directly connected switches may cause drops of fragmented traffic due to a MTU mismatch. 
      ACCL-417 The following were removed: CPView Network -> Top-Protocols and Network -> Top-Connections tabs.
      GAIA-3957, GAIA-3944 When running the Hardware Diagnostic options of the RMA tool, "ipsctl_get_family_id:received error" messages may appear. These error messages can be safely ignored.
      GAIA-3490 10GbE i40e NICs determine their link-speed based on the type of connected transceiver (1G ot 10G) and cannot be changed manually. 
      GAIA-4937 Installing R80.20, R80.20.M2 and R80.30 Security Management Server with CPUSE or Blink on a machine previously installed as a R80.30 Security Gateway that uses the Linux Kernel version 3.10 is not supported. Instead, it is possible to perform a clean install using an ISO file. 
      GAIA-4849 OSPF is not supported with unnumbered VTIs. 
      GAIA-5914 Drop templates are not disabled for USFW (User space Firewall mode).
      • Resolved in R80.30 with Gaia 3.10 Take 300
      GAIA-6184 "Error while stopping check point processes" error when installing packages on a VSX environment. 
      GAIA-4573 Upgrade is only supported between kernel 3.10 versions (R80.20 3.10 and R80.30 3.10)
      GAIA-6992 CPUSE Clean install is not supported for 23000 appliances.
      GAIA-5737 Duplicate ping messages may appear when configuring bonding groups (~30 sec), one over the X722 based network interfaces and the other on Intel X710 Based network interfaces.
      The fw ctl multik utilize command is not supported in the User Mode Firewall (USFW). 
      PMTR-57258 Connections do not survive failover in a ClusterXL configured in the Active/Standby Bridge mode.



      Administration Guides
      R80.30 3.10 Release Notes 
      Related Solutions
      sk144112 - Gaia Dynamic CLI         

      Give us Feedback
      Please rate this document