Support Center > Search Results > SecureKnowledge Details
Security Gateway randomly reboots when IPS or SecureXL is enabled Technical Level
Symptoms
  • Security Gateway (Open Server / Check Point Appliance) randomly reboots due to memory leaks when IPS or SecureXL is enabled.

  • Memory consumption continuously grows (which can be seen by running 'fw ctl pstat' command and inspecting the 'Machine Capacity Summary - Memory used' output).

  • New connections are being dropped when the kernel memory allocated to the Firewall reaches its full capacity (which can be seen by running 'fw ctl pstat' command and inspecting the 'Machine Capacity Summary - Memory used' output).
Cause

There are a few possible causes for this issue:

  1. In R75.40VS, when SecureXL is enabled, the mechanism in charge of inspecting connections and checking whether they already exist in the Connections Table can cause memory leaks.

  2. When IPS is enabled, several IPS protections cause memory not to be freed.

  3. There is a kernel table that holds the IPS information for each connection. Sometimes, when the connection ends, its information is not removed from the table, causing a memory leak.

Solution
Note: To view this solution you need to Sign In .