Support Center > Search Results > SecureKnowledge Details
NGX R65 Known Limitations Technical Level

This article lists all of the known limitations of NGX R65.

This is a live document that may be updated without special notice. We recommend registering to our weekly updates in order to stay up to date. To register go to UserCenter > My Profile > My Subscriptions.

Important notes:

  • To get a fix for an issue listed below contact Check Point Support with the issue ID.

  • To see if an issue has been fixed, search for the issue ID in Support Center.

For more information on NGX R65 see the NGX R65 Release Notes and NGX R65 Resolved Issues.

Visit our discussion forums to ask questions and get answers from technical peers and Support experts.
Popular forums:


ID Found in Product Symptoms Fix Included in HFA
00343981, 00216144 GA SmartCenter The command fw stat vs_name does not function on the VS. HFA_01
00349144, 00347925 GA ConnectControl The time gap between the probing packets of the load balancer is not affected by the load measurement interval parameter. HFA_01
00349711, 00347892 GA VPN-1 Power/UTM SIP traffic is dropped when the characters number of "username" and "domain" exceeds the 256 characters limit. HFA_01
00350188, 00345195 GA SmartCenter A Rulebase that includes Clientless VPN does not function properly after upgrading to NGX R62. HFA_01
GA SecurePlatform SecurePlatform e1000 NIC settings (speed/duplex) cannot be saved from WebUI or ethtool. Changes do not survive reboot. See sk34154. No
00350239, 00337376 GA VPN-1 Power/UTM Connectivity fails when "Active Streaming" is enabled in SmartDefense. HFA_01
00350795, 00188391 GA ClusterXL fwd crashes during a full sync. HFA_01
00351232, 00349047 GA SecurePlatform Libraries error message while running a hostname command (Example: [CP1]# hostname CP1 and the user is not in "Expert" mode. HFA_01
00351280, 00351129 GA VPN-1 Power/UTM Under certain circumstances, Voice (RTP) packets are dropped during an MGCP call. HFA_01
00351669 GA Provider-1 / SiteManager-1 The mds_restore command does not function properly. HFA_01
00352269, 00351143 GA PerformancePack VPN-1 Power VSX NGX with Scalability Pack Cluster flushing specific MAC addresses to zero. HFA_01
00352292, 00351775 GA VPN-1 Power/UTM DHCP OFFER generated by SecurePlatform is being dropped by Windows firewall. HFA_01
00352717, 00330047 GA VPN-1 Power/UTM Add support for epsv and eprt FTP commands as described in RFC 2428 (FTP Extensions for IPv6 and NATs). HFA_01
00352754, 00348638 GA VPN-1 UTM Edge When dynamic LAN/DMZ objects with VPN-1 UTM Edge internal IP addresses are used in groups with exclusion, traffic that should be blocked is allowed. HFA_01
00352911, 00352855 GA VPN-1 Power/UTM Certificate renewal requests sent to SmartCenter are dropped when using a limited license. HFA_01
00353015, 00352991 GA Web Intelligence Security Server crashes when turning debugs on. HFA_01
00353919, 00353562 GA VPN-1 Power/UTM Static NAT ARP requests show incorrect MAC address. HFA_01
00354267, 00348517 GA SecureXL Stability issues and memory leaks when SecureXL is enabled. HFA_01
00354328, 00354048 GA SmartUpdate Cannot distribute packages from SmartUpdate after 20 packages have been distributed. HFA_01
00354405, 00203270 GA VPN-1 Power/UTM Panic on Solaris 9 NGX. HFA_01
00354588, 00333968 GA VPN-1 Power/UTM Error in messages file after Security Policy is installed: "kernel: FW-1: fw_kfree: wrong magic number at tail end of 0x98d7b974 (0x98d7b97c) caller is 'fw_xlate_find_all_matches' sz=12". HFA_01
00354637 GA VPN-1 Power/UTM MDQ process fails to start on an NGX R65 security gateway when an SMTP resource is configured in the rule base. HFA_01
00354637, 00354315 GA SmartView Monitor Real time monitoring causes gateway instability. HFA_01
00354854, 00354471 GA VPN-1 Power/UTM FTP passwords which include '227' are changed to '22_'. HFA_01
00354909, 00354874 GA ClusterXL VRRP cluster member fails to perform a full sync after reboot. HFA_01
00355616, 00355407 GA Web Intelligence Cluster members are crashing every 15 minutes. HFA_01
00360675, 00355836 GA QoS / Floodgate-1 Policy installation fails since the fg500 feature is not supported in the QoS / Floodgate-1 kernel. HFA_01
00360695, 00355127 GA VPN-1 Power/UTM MGCP / RSIP packets are being dropped. HFA_01
00361496 GA SmartCenter Memory leak in 'fwm' process. HFA_01
00361573, 00360628 GA SmartDashboard Changing an admin password from SmartDashboard fails with "password is incorrect" error message. HFA_01
00362347, 00362084 GA UTM-1 dhcp relay daemon fails to start. HFA_01
00363459, 00353905 GA VPN-1 Power/UTM When no LDAP license is installed, no warning is displayed. HFA_01
00364267 GA SmartCenter After uninstalling an HFA from the SmartCenter, policy installation fails with an error message. Example: "R65/fw1/lib/ftp.def, line 275: ERROR: cannot find <FTP_NO_CLIENT_227_229> anywhere". HFA_01
00362313, 00339136 GA VPN-1 Power/UTM DCE-RPC traffic is being rejected on Rule 998 when in "monitor only" mode. HFA_02
00369309 GA VPN-1 Power/UTM Segmentation fault when running fw hastat `perl -e 'print "- u "x10000'`. HFA_02
00369859, 00369514 GA SmartCenter (Anti-Virus engine) Memory leak in 'fwm' process when using the 'Automatic Update' option for a VPN-1 UTM Edge device. HFA_02
00370270, 00370052 GA VPN-1 Power/UTM Connect control drops ICMP replies. HFA_02
00369663, 00348737 GA Provider-1 / SiteManager-1 Connection problems when using a Radius/TACACS server. HFA_30
00376292, 00376291 GA VPN-1 Power/UTM vpn tu command does not function properly. HFA_30
00376385, 00375250 GA VPN-1 Power/UTM 'vpnd' process crashes and SecureClient users disconnect every 5 or 10 minutes. HFA_30
00376604, 00336404 GA SecureXL When running SecureXL on IPSO platforms, accelerated connections are not lowered to their "TCP END" timeout. HFA_30
00379287, 00377921 GA Eventia Reporter A number of log files are missing in the Eventia Reporter's GUI. HFA_30
00380298, 00380089 GA Provider-1 / SiteManager-1 Cannot install traditional policy. HFA_30
00381300, 00379494 GA VPN-1 Power/UTM DNS resolution fails and the following error message is displayed in fwd debug: "CpNR_Resolver::start_resolve : max resolving requests reached - out of memory". HFA_30
00383256, 00379209 GA VPN-1 Power/UTM During policy installation some connections experience packet loss and might fail. HFA_30
00377080, 00376548 GA VPN-1 Power/UTM Memory leak in FWD. HFA_30
00408032, 00405017 GA VPN-1 Power/UTM FWD process crashes. HFA_30
00361891, 00215657 GA ClusterXL Policy installation may cause response delays from network. HFA_40
00362089, 00329229 GA ClusterXL Can not ping from a "non-pivot" cluster member through an interface that has more than one VLAN. HFA_40
00369862, 00362810 GA SmartCenter Memory leak in CPD. HFA_40
00370323, 00368859 GA GateD Network disconnections when rebooting ClusterXL's non pivot member. HFA_40
00371333, 00370852 GA VPN-1 Power/UTM When using External User Profiles with domain names associated with a TACACS server, and the feature "Omit Domain Name when authenticating users" is selected, the gateway continues to send the domain name to the TACACS server and authentication fails. HFA_40
00371769 GA Provider-1 / SiteManager-1 FWM process does not start when MDS is installed on Red Hat Enterprise Linux 3 (RHEL3) with bond interfaces. HFA_40
00374465, 00366870 GA VPN-1 Power/UTM Adding a VTI with a 16 characters name is allowed even though the character limit is 15. HFA_40
00374502, 00362320 GA VPN-1 Power/UTM SIP registration traffic is dropped with the error "number of reinvites exceeded the limit". HFA_40
00374589, 00362403 GA VPN-1 Power/UTM Policy installation on a large number of security gateways times out. HFA_40
00376396, 00376315 GA VPN-1 Power/UTM Content filtering does not function when using a 25 host license. HFA_40
00378571, 00378565 GA VPN-1 Power/UTM MGCP traffic's source port changes after going through the security gateway when no NAT is defined. HFA_40
00380505, 00379472 GA Eventia Reporter Consolidation Session goes to ABORT state immediately after it starts. HFA_40
00380558, 00379277 GA Eventia Reporter 'Mysql' engine creates many threads. HFA_40
00380750, 00380482 GA VPN-1 Power/UTM After enabling IPv6, the security gateway cannot be rebooted again and the following error message appears: "CKP: Loading FW-1 IPv6 FAILED". HFA_40
00380772, 00379505 GA VPN-1 Power/UTM IPv6 module does not start after applying NGX R65 HFA_02. HFA_40
00383130, 00336252 GA VPN-1 Power/UTM 'fwssd' process crashes when using session authentication. HFA_40
00404407, 00403388 GA Eventia Reporter Log Consolidator aborts with the error: "[LogConsolidator] Error initializing SQL Statements for table...". HFA_40
00410115, HFA_02 ClusterXL, Cluster - 3rd party Cluster members might freeze unexpectedly. For more information see sk34780. No
00416129, 00415986 GA ClusterXL Bond interfaces stop answering ARP requests and traffic fails to pass. HFA_40
00416454, 00417804, 00436739, 00450385 GA VPN-1 Power/UTM fwm crashes on Windows2003 SCS. More information can be found under sk37801 No
00417294, 00416378 GA Provider-1 / SiteManager-1 MDG Audit logs show Check Point Server as the administrator. HFA_40
00421985, 00382247 GA Provider-1 / SiteManager-1 When using mdsconfig to change Provider-1's group permissions, $FWDIR does not receive the correct attributes. HFA_40
00423897, 00375759 GA Eventia Reporter Eventia Consolidation process stops due to problematic Log files. HFA_40
00425803 HFA_40 (early take) VPN-1 Power/UTM The security gateway may generate corrupted logs. HFA_40
00426827, 00426574 GA SmartDefense Web Intelligence drops traffic when trying to launch an http page via Connectra R62CM. HFA_40
00432381 HFA_30 VPN-1 Power/UTM SIP MESSAGE traffic is dropped with the following error in the kernel debug: "sip_calc_rnum_offset failed to find a suitable rnum". HFA_50
00433157 HFA_02 Provider-1 / SiteManager-1 and VPN-1 Power/UTM db_revisions are redirected to use $CPDIR/util/gtar instead of their own specific gtar. This usually happens when installing HFAs. HFA_50
00434854 GA VPN-1 Power/UTM SIP ACK packets are being dropped. The following messages can be seen in CTL debug:
"FW-1: h_rename: entry not found
ld_rename_wto_ttl: h_rename failed
sip_open_data_conn_ex: sip_anticipate_rtp_conn failed".
00435536 GA SecurePlatform When the password string at the end of the backup -d command has a value of '0' as 7th digit, the password string will be cut off after that 7th digit.
Example for such a command: # backup -d --sched on 17:13 -m 7 -s admin1 Admin1010asdfqewr
00436247 GA VPN-1 Power/UTM User experience connectivity problems when using IP Pool NAT. The table fwx_cntl_dyn_tab is full (verify by running the command fw tab -s -t fwx_cntl_dyn_tab). HFA_50
00438126 GA SecurePlatform If ftp is chosen when running backups using WebUI, the FTP transfer is done in ASCII mode instead of BIN mode. No
00439113 HFA_30 VPN-1 Power/UTM when using SMTP resources with mx (Mail exchanger) resolving, MDQ crashes and mails get stuck in the spool directory (on Windows OS only). No
00443183 GA VPN-1 Power/UTM Memory leak in CPD process. More information in sk42589 No
00443248 HFA_40 VPN-1 Power/UTM CPD Memory leack on SmartCenter server and on Security Gateway. No
00444457 GA VPN-1 Power/UTM and in.emaild processes crash when enabling messaging security. When users enable messaging security and install policy, the pid of the processes changes. No
00446671, 00446870, 00504798, 00508196, 00508962, 00511879, 00517405, 00517716, 00521505 GA VPN-1 Power/UTM Security gateway FWD process might crash upon policy installation. For more information see sk42589. HFA_60
00446830, 00495470 HFA_40 VPN-1 Power/UTM When experiencing invalid license issues, E-mails will be bypassed and not sent to the anti spam mechanism until the next validation. No
00447910 HFA_40 UTM-1 Edge Policy installation fails when 'Install on' target is the UTM-1 Edge box and rule contains a time object . No
00448570 GA VPN-1 Power/UTM Problem Description:The error message: "fw_session_auth_invoke: get_vpn_peer_gw ..." is printed even if no errors occur.
Scenario: On a standalone member create a Firewall rule that uses session authentication with no VPN.
Resolution (after installing the ad-hoc fix): The error message: "fw_session_auth_invoke: get_vpn_peer_gw ..." is now only printed if the firewall warning flag is on.
00449637 HFA_30 VPN-1 Power/UTM SIP drop; Illegal 'TO' user in response packet. HFA_60
00449687 GA ClusterXL When more then 63 interfaces marked as "Private" within the Cluster Topology are defined, the HA Module cannot be started. No
00463844 HFA_40 VPN-1 Power/UTM FTP security server (AV) gives an error "550 Security server failed to perform requested command" when creating a folder, even though the folder is created. No
00464267 GA SmartCenter fwm memory leak. No
00464268 GA SmartCenter Problems importing Access Lists from a Cisco devices into Smart Center/Provider-1 CMA. No
00464269 GA VPN-1 Power/UTM Occasional fwm crashes. HFA_50
00464270 GA Provider-1 / SiteManager-1 TCP 18190 File Descriptor leak when authenticating through a RADIUS server. HFA_50
00464275 GA VPN-1 Power/UTM Radius authentication fails. HFA_50
00464325 GA Provider-1 / SiteManager-1 CPD process crashes and a core file is created. HFA_50
00464335 GA SecurePlatform When using scp backup, if the password contains the character '0' on the 7th place, the password will be truncated. HFA_60
00465525 HFA_01 VPN-1 Power/UTM Getting wrong results when querying rules using 'Search -> Query Rules' in SmartDashboard. The results display rules that do not contain the queried objects. No
00465534 HFA_30 SmartDashboard "Unspecified error" message when SmartView Tracker is launched twice from the same PC No
00465700 HFA_40 SmartCenter and Provider-1 / SiteManager-1 Memory leak on Provider-1/SiteManager-1 environment when CMA is assigned to a global policy and the administrator is adding rules above/below the policy.
The symptom: FWM process consumes high CPU.
HFA_60 VPN-1 Power/UTM Location Restriction for Remote Access clients is not enforced after installing NGX R65 HFA_60. See sk45066. No
00467092 NGX R65.2.100 VPN-1 Power/UTM When SIP traffic contains non-ASCII characters, RTP is dropped, and VoIP calls fail. No
00494148 HFA_30 GateD When bringing down an interface, a route for its subnet can be learned by OSPF. However, once the interface is brought up again, the OSPF remains "chosen" over the directly-connected route. No
00494415, 00466145 GA VPN-1 Power/UTM sam_alert do not function properly on IPSO 4.2 management. HFA_60
00494733, 00495785 HFA_30 Eventia Reporter Unable to e-mail reports to an IronMail device. No
00494814, 00495468 HFA_30 Eventia Reporter When issuing cpstart, cpWatchDog process does not start. No
00494981, 00495737 GA Eventia Analyzer Cannot enable "syslog 514 all" to Eventia Analyzer, in a Provider-1 environment. HFA_60
00498197 HFA_30 Eventia Reporter Eventia Reporter GUI crashes when choosing the Consolidation tab. HFA_70
00498940 GA Eventia Reporter When "Active Policy Analysis" is checked, generation of RuleBase Analysis reports sometimes fails. HFA_70
00499613 GA VPN-1 Power/UTM SNMP V3 is "dropped" When using SNMP protocol type "snmp-read". HFA_70
00499947 GA SmartDefense If a UDP response sent by the DNS server is truncated, it may be dropped by the firewall. No
00500765, 00521542 GA Provider-1 / SiteManager-1 Viewing the status of an MDS container in SmartView Monitor wrongly displays the following error: "Error: SmartCenter CA is not running". No
00502045 HFA_40 Provider-1 / SiteManager-1 Running backup_util sched with LOCAL type of backup is not working. No
00504316 HFA_30 Provider-1 / SiteManager-1 When the Global Policy reassign process encounters errors during the reassign process, they are reported in the reassign window, and the reassign process is aborted for that CMA. For the error occurrences, the rule numbers and the object location in them are reported. However, the rule numbers reported in the Global Policy reassign status window are incorrect. HFA_70
00510377, 00511887 GA User Authority Insufficient debug messages for OPSEC User Authority communication.
After installing a Hotfix, the content of OPSEC User Authority communication between the Domain Controller and the gateway will be displayed.
00510703, 00520227 HFA_30 SmartCenter Memory leak in 'fwm' process when viewing the database revision. HFA_70
00511326 HFA_50 SmartView Monitor After HFA_50 is installed, SmartView Monitor displays wrong information regarding Web Filtering. See more in sk42887. HFA_60
00511867 GA VPN-1 Power/UTM If a gateway boots without a dynamic ip assigned to the interface configured for dynamic IP, default policy is loaded instead of local policy. No
00511891 GA VPN-1 Power/UTM fwd crashes because of corrupted fwauth.NDB. For more details see sk43282. HFA_70
HFA_40 VPN-1 Power/UTM $FWDIR/spool/D_resend directory is not cleared even after Mail_abandon time period has passed. No
00517121 HFA_02 Eventia Analyzer Users added to a Provider-1 environment are not being displayed in Eventia Analyzer. HFA 70
00517925, 00518918, 00525386 GA SecurePlatform In SecurePlatform 2.6 running over AMD based machines, kernel is not being replaced by HFA_50 installation. See sk42884 for more information. No
00518516 HFA_50 Eventia Analyzer CPSEMD process randomly crashes. HFA_70
00519588 HFA_50 VPN-1 Power/UTM iPhone L2TP connections are dropped in a Load Sharing Cluster environment. No
00522087 GA SecurePlatform SecureClient users fail to connect to SecurePlatform 2.6 NGX R65 gateway if Active Directory DNs are more than 100 characters long. No
00522308 HFA_50 VPN-1 Power/UTM in.emaild.mta process restarts even though it is not in $FWDIR/conf/fwauthd.conf. No
00522494 HFA_30 SecureServer Anti-Virus FTP scan causes 227 passive mode responses from the FTP server to drop when using a non-RFC compliant termination. No
00522767 HFA_02 Provider-1 / SiteManager-1 Cannot open SmartView Tracker (AUDIT MODE) on a standby MDS. No
00522839, 00526741 GA VPN-1 Power/UTM Cannot connect to Policy Server when Office Mode is allocated by external DHCP server and lease is infinite.
For more information see sk43362.
00522936 GA SmartDashboard Anti Virus update may fail due to a wrong password used by the GUI. Update fails with the message "User Center: unknown user name or password". No
00523140 GA User Authority in.asessiond process might crash when both Single Sign On for client authentication and session authentication are used together. No
00523201, 00525762 GA VPN-1 Power/UTM Sometimes the Web Security decoder may reject packets if there is no more space in the decoder input buffer, thus creating false negatives. No
00523323 GA VPN-1 Power/UTM Unable to load/decode certificates that include "Subject Alternative Name" field with Principal Name encoded with IA5. No
00523404 HFA_30 SecurePlatform Upgrading SecurePlatform VPN-1 Power/UTM NGX R65 HFA_30, 40 or 50 to R70 or later may cause severe problems and instability. For more information see sk43247. No
00523538 HFA_50 GateD fibmgrd process crashes and creates a core dump on non active security gateway, when cluster includes more than two members. No
00523739 HFA_40 VPN-1 Power/UTM SecureClient connection to security gateway may fail when UDP encapsulation is used. No
00524179 HFA_50 VPN-1 Power/UTM When URL filtering is enabled, HTTP traffic stops. No
00524183 GA Eventia Analyzer Events from VSX modules appear with "Bad Format" in the 'Origin' column. No
00524655 HFA_40 VPN-1 Power/UTM The in.ahttpd process crashes constantly (every 1-2 minutes) when enabling an http resource rule with user authentication. The problem occurs when HTTP 1.1 is turned on in the browser client. No
00524975, 00525529 HFA_01 VPN-1 Power/UTM Even though an encryption domain is correctly defined, users might receive an overlapping domain error when trying to view policy. No
00525026 HFA_40 VPN-1 Power/UTM Sometimes, the in.httpd process may try to delete sockets that are invalid. No
00525443, 00525881 HFA_50 VPN-1 Power/UTM Cannot define a grace period for Antispam license checking mechanism. No
00525653 GA VPN-1 Power/UTM vsx_util reconfigure command modifies interface properties for anti-spoofing excluded networks on VS. No
00525919, 00525980 GA VPN-1 Power/UTM Security gateway stops responding to ICMP requests. No
00525291 HFA_02 ClusterXL After a policy installation the cluster forwarding mechanism is turned on. No
00525916 GA SecurePlatform Cannot perform an upgrade from NG-AI R55 to NGX R65 using SmartUpdate, when User Authority is installed. No
00526311 HFA_30 VPN-1 Power/UTM Some NAT rules might stop working. No
00526503 HFA_50 VoIP SIP RTP packets are dropped. No
00526774, 00527549 HFA_50 VPN-1 Power/UTM FTP service with Anti Virus inspection does not work on non-standard FTP port. No
00526878, 00529821 GA VPN-1 Power/UTM vpnd process core dumps. No
00527362 GA Eventia Reporter Web Activity reports that contain links to external websites have missing colums and rows in several tables. No
00527443, 00525283 GA Provider-1 / SiteManager-1 SNX license is being read from MDS licenses instead of the CMA. No
00528771, 00528881 GA VPN-1 Power/UTM When RADIUS users authenticate via remote access, vpnd process may crash. No
00529526 HFA_50 SmartCenter Installing a policy with IP ranges wrongly configured, cause traffic drops. No
00529600 HFA_50 SmartCenter When Connectra R66 cluster is managed by R65 HFA_50 SmartCenter, Endpoint Security On Demand update fails with the error: "No UTM-enabled gateway has an attached license". No
00530643 GA SmartDashboard No audit logs for rulebase modifications when saving policy using "Save as" instead of "Save". No
00531247 HFA_60 VPN-1 Power/UTM SNMP daemon is crashing when performing an SNMP query. No
00531350, 00531712 HFA_60 SmartCenter fwd process occasionally crashes during a logswitch event. No
00531621, 00533625 GA SecurePlatform RIP distribute-list command is not being enforced when used with certain interfaces and when used with several lists on several interfaces. No
00531920 HFA_50 SecurePlatform Cannot create loopback network connection via sysconfig. No
00532429 HFA_60 VoIP SCCP packets are dropped after installing HFA_60. The following error is displayed: "sk_get_val: Sanity test failed!". No
00532670 HFA_50 SmartView Monitor SmartView Monitor kernel module/binaries are not updated after upgrading SecurePlatform 2.6 to HFA_50 or HFA_60. No
00533019 GA Provider-1 / SiteManager-1 When users open the MDG, it takes several minutes for the MDG to get into a working status. No
00533866 HFA_50 VPN-1 Power/UTM High CPU after installing HFA50 on IPSO 4.2. No
00534025 GA SmartView Monitor SmartView Monitor history report does not show the correct statistics for link utilization. No
00534268 HFA_60 SmartDefense Web Intelligence memory leak when using header spoofing protection. No
00534551 HFA_01 SmartDashboard SmartDashboard requests to save changes each time users close it. No
00534740 HFA_30 SmartDefense DNS traffic between defined DNS servers is being dropped by SmartDefense. No
00534973 HFA_60 ClusterXL cphaprob syncstat command shows negative values for "average length of sending queue". No
00535506 GA SmartDashboard SmartDashboard does not save changes to the Title section. No
00535853 HFA_50 VoIP SUBSCRIBE SIP messages are dropped by the security gateway with an error: "sip_get_brother_data: internal error - brother init failed". No
00536152 HFA_30 Provider-1 / SiteManager-1 When running the command cpstat os -f multi_cpu, only one print per fwm process cycle appears on the console. No
00537081 HFA_60 Provider-1 / SiteManager-1 Assigning global policy fails. No
00537515, 00536688 HFA_50 VPN-1 Power/UTM When using IP assignment according to specific groups (ipassignment.conf), users might get unexpected behavior if logging is enabled. No
00537790 HFA_50 VPN-1 Power/UTM Users may experience memory corruption on the Security Gateway and the following messages are seen in the /var/log/messages file:
Invalid handle, Failed to log action remove from table, kbuf id is not found, Error freeing kbuf.
00538515 HFA_50 VPN-1 Power/UTM When cluster is configured and Syn Defender is enabled, various crashes might occur. No
00538942 GA VPN-1 Power/UTM SecureClient users cannot connect to the Policy Server. Updating the site hangs and users cannot create a new site due to a buffer overflow. No
00540273 HFA_50 VPN-1 Power/UTM Authentication failed on "form expired" because system deleted entries from full auth_redirect_tbl . No
00540274 GA User Authority The first single sign on connection from a Terminal Server configured with User Authority fails. No
00541882 HFA_50 UTM-1 Edge Policy installation on an Edge device fails when there are rules using services, unsupported for an Edge device (even though the installation target of those rules excludes the Edge device). No
00542012 HFA_60 VPN-1 Power/UTM Web pages hang when Anti Virus is enabled and files of type jpg or jpeg have "pass" in the file types list. No
00542049 HFA_60 VPN-1 Power/UTM Client Authentication does not work when restricted with an Address Range object. No
00542302, 00544243, 00544247 HFA_60 SmartProvisioning Memory leak when LSM is enabled. No
00544249 HFA_60 SmartProvisioning CPD memory leak when LSM is enabled.
00545083 HFA_60 Eventia Reporter Unable to upgrade the Eventia server from R65 HFA_60 to R70 since log_consolidator process cannot be stopped. No
00545410 HFA_40 SmartDefense Legitimate SIP OPTIONS packets are rejected by SmartDefence with the error "sip_earlynat_get_source_port: failed: no call_id/user". No
00547105 HFA_60 SecurePlatform Snapshot revert operation failing. No
00547264 HFA_50 VPN-1 Power/UTM fwd process crashes after adding lines to $FWDIR/conf/fwauthd.conf file. No
00547371 GA Provider-1 / SiteManager-1 The command mdsstop --help executes an mdsstop instead of displaying various available options. No
00548182 HFA_40 VPN-1 Power/UTM Under heavy load, after a certain amount of time, the security gateway stops passing all packets. No
00549511 GA VPN-1 Power/UTM Inaccurate bandwidth polling when using SNMP. No
00540598, 00257549, 00257550, 00257661, 00257662, 00258181, 00257660, 00257582 GA SecureXL Security gateways crashes when using SecureXL and VPN traffic No
00542742, 00542807, 00542808, 00542809, 00548026 HFA_60 VPN-1 Power/UTM fwd process on the security gateway crashes when the primary Log server is overloaded and logs are diverted to the backup Log server. No
00540455, 00541670, 00541671 HFA_60 SmartCenter When you edit a Security policy with more than 50 rules, the Audit log will show only a partial information. No
00540928, 00541688, 00541689 HFA_60 SmartCenter The Audit log does not show the NAT rules changes. No
GA SmartDefense Memory leak in several PSL functions. No
00546173, 00542012, 00546649, 00546652 GA VPN-1 Power/UTM Web pages hang and pictures are not displayed when Anti-Virus is enabled. No
00550471 GA SecurePlatform When using enhanced UFP performance, the SecurePlatform 2.6 security gateway sends incorrect URLs to UFP. No
00551639, 00551741, 00551745 GA VPN-1 Power/UTM Security gateway returns 0 when trying to access a specific website when Anti-Virus is enabled. No
00552773 HFA_70 VPN-1 Power/UTM Source port of FTP-DATA connection opened from security gateway to the FTP Client is not TCP 20 when working on IPSO 4.2 UTM base package. No
00552120, 00552713, 00552714, 00552767 HFA_60 VPN-1 Power/UTM fwd process does not start all processes defined in fwauthd.conf. Error received: "fwauthd_init: only 127 processes can be defined in fwauthd.conf." No
00552867 GA VPN-1 Power/UTM Kernel panic caused by receiving packet with invalidly large Total Length in IP Header. No
00553140 HFA_70 VPN-1 Power/UTM Access to web server fails with Clientless VPN configuration. No
00553320, 00553494, 00552773, 00552841, 00552842 HFA_50 VPN-1 Power/UTM VPN trafic fails with error "transformsMatch: accepting group 1 according to global properties configuration", although group 1 is not used in the communities. No
00553341 HFA_70 SmartCenter, VPN-1 Power/UTM cpd crash during automatic or manual URL filtering update process. See sk77281. No
00554077 HFA_60 VPN-1 Power/UTM

MLSD command is blocked on Security Server.

00554732 GA VPN-1 Power/UTM When no regular gateways or clusters are configured on the Management (only ROBO), then full sync does not work on ROBO Clusters. No
HFA_60 SmartDefense TCP packets with IP option type NOP and EOL are dropped by the firewall.
Error: "fw_ipopt_restore Reason: options not approved in fw kernel."
See sk45062.
00555299 HFA_40 Eventia Reporter IP address resolution did not work correctly for logs generated by client authentication rules. No
HFA_30 SmartDashboard SmartDashboard crashes when trying to view currently installed policies.
Error: "Can't load installed Policy (No Objects)."
See sk45063.
HFA_70 VPN-1 Power/UTM SNMP error: "No Such Object available on this agent at this OID." See sk45065. No
00556498 HFA_70 VPN-1 Power/UTM Setting advanced VPN properties to disable NAT in a VPN tunnel fails. No
00557010 HFA_60 SecurePlatform GateD with RIP configuration crashes when an interface is deleted. No
00557490 HFA_70 VPN-1 Power/UTM Cannot add more that 255 VPN communities. No
HFA_50 SecureXL Crossbeam APM freezes after Policy installation. See sk45064. No
00558646 HFA_60 Web Intelligence Automatic updates for URL Filtering do not work in a Full-HA environment. No
HFA_70 SmartCenter FWM fails to start on MDS after the 'MSP_GLOBAL_LOCK_NOT_FORGOTEN_TIMEOUT' environment variable is enabled. See sk45067. No
HFA_70 VPN-1 Power/UTM Mails are being mistakenly stripped when "Strip file by name" option is activated on the SMTP resource. No
00561718 GA GateD On multi-core machines, the internal clock could shift momentarily approximately 4400 seconds forth and back, causing distruptions in OSPF neighbors. No
00566983 HFA_70 SecureXL When there is high traffic load on the gateway, memory leak occurs in SecureXL. No
00567373 GA VPN-1 Power/UTM Policy installation fails, security gateway stops replying ICMP requests, and SSH connection is extremely slow. No
00567435 HFA_40 VPN-1 Power/UTM CPD process crashes and creates core dumps on both Cluster members. No
GA SSL Network Extender SSL does not work when using a subordinate CA. No
00568027 HFA_50 SmartCenter Debugging processes fail to stop. No
GA SecurePlatform /var/log/messages show every 30 seconds the following message: "snmpd[PID]: netsnmp_assert index == new_val->high failed int64.c:X netsnmp_c64_check32_and_update()".
HFA_50 SecurePlatform /var/log/messages show every 30 seconds the following message: "snmpd[PID]: netsnmp_assert index == tmp failed if-mib/data_access/interface.c:X _access_interface_entry_save_name()".
00571641 HFA_70 SecurePlatform After upgrading to R65 HFA70, snapshots do not appear in pre-boot menu. No
00571776 GA VPN-1 Power/UTM MGCP packets are dropped with an error: "Invalid ConnectionMode field in CRCX message". No
00571819 GA SecurePlatform Adding static routes from WebUI fails. No
00573018 GA VPN-1 Power/UTM Some E-mails never leave the spool directory. No
00573426 HFA_60 QoS / Floodgate-1 The fagte verify command fails when full path is used. For example:[Expert@cpmodule]# fgate verify $FWDIR/conf/Standard.F Failed to save the policy file No
00574147 GA GateD GateD displays errors like "task_time_fix_mono:_detected_time_change_forward_by_4388_seconds" and "task_time_fix_mono:_detected_time_change_forward". No
00589289 HFA_60 SmartDefense HTTPS traffic with TLS 1.1 is being dropped by SmartDefense. No
GA SmartDefense Security Gateway may crash when active streaming protections are enabled (CPAS). No
HFA_70 SSL Network Extender Mail Alerts are not being sent upon successful SNX authentication sessions. No
GA SecureXL Security gateway with SecureXL enabled is crashing when running tcpdump. No
00595081 GA VPN-1 Power/UTM IP assignmnent issues when working with RADIUS server. No
00595148 GA Web Intelligence when working with enhanced UFP performance HTTPS traffic is not interpreted correctly. No
00595956 HFA_70 VPN-1 Power/UTM SUN Solaris server crashes when using the ifconfig command. No
00596381 HFA_60 VoIP On certain IPS protections, CPAS (active streaming - an application that maintains a TCP connection) TOS definition (type of service - a flag in the TCP) is not maintained. No
00597088 HFA_02 SmartCenter cpca_client utility (for certificate renewal) cannot be used in a large scale configuration. No
00598646, 00598693, 00601477 HFA_70 Provider-1 / SiteManager-1 Memory leaks in fwm process. No
GA SecurePlatform VPN Gateway on SecurePlatform OS keeps RIM kernel routes even after VPN tunnel is terminated. Refer to sk60366. No
00621596 HFA_70 SecurePlatform Users fail to login to WebUI. The following error message is received: "Cannot connect to server. Make sure the appliance is up and running, and that you are allowed to login from this machine." No
00622742 HFA_60 VPN-1 Power/UTM NTP with MD5 authentication-key file is not supported. No
00631030 GA SmartDashboard R65.4 SmartDashboard crashes when closing a specific gateway cluster object. No
GA SmartView Monitor Smartview Monitor does not show graphs for Connectra users in system counters. No
00749731 HFA_70 CoreXL "fwstrmodrput: invalid ip header len (2048)" messages are constantly printed to the console. No
00755014 HFA_70 SmartDefense Kernel panic when Web Services are enabled. No
00758299 GA VPN-1 Power/UTM IP POOL NAT is performed on connections even when it is not configured. No
00776374 GA SecurePlatform Russian daylight saving time was cancelled since March 2011, causing Russia to permanently remain on 'Summer Time'. See more in sk64021. No
GA VPN-1 Power/UTM Dtps process keeps hanging every last day of the month. No
00901436 HFA_70 Provider-1 / SiteManager-1 DCE-RPC traffic does not open high ports. No
00918668 GA SecurePlatform Can not create swap partitions on diskless machines. No

R65 HFA_01


R65 HFA_02


R65 HFA_30


R65 HFA_40

R65 HFA_50

R65 HFA_60

R65 HFA_70

Note that each new HFA includes all previous HFAs.
Check Point recommends to always upgrade to a recent version, and to the most recent HFA (Hotfix Accumulator) of this version.

To get the latest HFA for your product, version, and operating system, go to

This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document