Support Center > Search Results > SecureKnowledge Details
R80.20.05 for Small and Medium Business Appliances Technical Level
Solution

Table of Contents

  • What's New
  • Enhancements
  • Supported Appliances
  • Downloads
  • Resolved Issues
  • Known Limitations
  • Documentation
  • Revision History 

What's New

Networking

  • Alias IP support - Associate more than one IP address to the same network interface.
  • Link Aggregation - Aggregate/Bond multiple network connections, join two or more interfaces together to improve performance and redundancy by increasing the network throughput and bandwidth.
  • Networking Support for 100 VLANs   
  • Dynamic address assignment (DHCP) from internet connection for bridge interface

Access Rulebase

  • Domain object - Support for domain objects in access rule base (see sk120633)
  • Updatable Objects - Support for network object that represents an external service (well known online service providers) for centrally managed appliances

Server Name Indications (SNI)

  • Next Generation Bypass - TLS inspection based on Verified Subject Name
  • Improved TLS implementation for TLS Inspection and categorization

Embedded Gaia R77.20 train gap closure

  • Threat Emulation Private Cloud

Management and Logs

  • MaaS - Management as a Service for centrally managed appliances

Features in EA Quality

  • IMAPs threat prevention email inspection
  • POP3s threat prevention email inspection

Enhancements

The Gateway hostname can now be assigned from DHCP server with DHCP option 12
  • When you edit or add a new internet connection, you can select to get the hostname from your WAN DHCP server.
  • Gateway name is dynamic, assigned by the external DHCP server which also provides an IP address upon request.
DHCP Whitelist
  • Configure your network so IP addresses are assigned by the internal network DHCP server only for known hosts (defined as network objects and a specific MAC address is assigned to the IP). DHCP requests from other hosts are ignore.

Supported Appliances  

  • 1500 Series: 1530, 1550, 1570 and 1590 appliances.

Downloads

Important Notes:
  • Check the MD5 string before installing the downloaded file.
  • To download these packages, you will need a Software Subscription or Active Support Plan.
  • 10 May 2020: Build 992001169 for R80.20.05 image has been released for 1500 appliances, replacing Build 1134.   
Download Package 1500 Appliance
R80.20.05 Build 992001169 for 1500 Appliances
R80.20.05 Build  992001169 for R80.20 SmartUpdate     

Resolved Issues

Note: Refer to sk167876 for the R80.20.05 Jumbo Hotfix Accumulator. 
ID Description 
SMB-12309 Cloud Services activation fails when the registration key is more than 9 characters in length.
SMB-11423 Changing the Web and SSH admin access ports (4434 and 22, respectively) to customized values does not take effect.
SMB-11514 DHCP domain name (option 15) does not work from the DHCP custom options table. The date is saved properly but not propagated to the network.
SMB-11969 The physical port for a VLAN created through clish commands is always LAN1.
SMB-12012 The BGP peer connection does not close after holdtimer expires.
SMB-12084 In centrally-managed mode, VPN Tunnel Test packets were sometimes not sent from the IP address of the internal network interface.
SMB-12086 In centrally-managed mode, a VPN IKE error may show in SmartView logs, and VPN tunnel establishment may fail.
SMB-12092 In locally managed appliances: When configuring Firewall Policy to Strict mode, traffic between two LAN ports may still be allowed.

Known Limitations

ID Description
SMB-12366 VoIP rule does not support a custom-service based on the SIP_UDP service, or a service group that contains this custom-service.
SMB-11948 In locally managed mode, a bond cannot be part of a cluster interface (same as with a switch and bridge).
SMB-11891 The LAN1 port cannot be configured as part of a Link Aggregation (Bond) interface.
SMB-12030 Alias IP assignment is not supported for centrally managed appliances.
SMB-12055 In locally managed 1500 appliances, creating a manual rule using "VPN Remote Access" objects is not supported.
SMB-12066 Alias IP cannot be configured on LAN ports assigned to internet connections.
SMB-12119 A USB storage device used for clean installation of a new image on the 1500 series must be formatted with FAT32 file-system.
SMB-11450 Connection Monitoring for all internet connections is disabled when a bridge is configured.
SMB-12173 VPN site to site is not supported when an Alias IP is assigned to one of the Gateway interfaces.
SMB-12090 In the Local Network page, the MAC address that appears next to bridge member interfaces shows the bridge MAC address instead of the physical interface MAC address.
SMB-12189 Traffic is blocked if the User Awareness blade is turned off and Browser Based Authentication is turned on.

Documentation

User Guides
R80.20.05 1500 Appliance Series Release Notes
R80.20.05 1500 Appliance Series Locally Managed Admin Guide
R80.20.05 1500 Appliance Series Centrally Managed Admin Guide
R80.20.05 1500 Appliance Series CLI Guide
Related Solutions
sk97766: Check Point 600 / 700 / 910 / 1100 / 1200R / 1400 / 1500 SMB Appliances Releases
sk159173: Check Point R80.20 for Small and Medium Business Appliances
sk159772: Check Point R80.20 for 1500 Appliances Features and Known Limitations
sk163612: R80.20.01 for Small and Medium Business Appliances
sk165454: R80.20.02 for Small and Medium Business Appliances
sk167876: Jumbo Hotfix Accumulator for R80.20.05
sk157412: 1500 Series Security Gateways

Revision History

Show / Hide this section
Date Description
10 May 2020 GA Replacement: Build 992001169 
05 April 2020 First release of this document
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment