Support Center > Search Results > SecureKnowledge Details
Check Point R75.20 HFA 50 (R75.20.50) for 600 / 1100 Appliance and Security Gateway 80
Solution

Table of Contents

  • What's New in Check Point R75.20 HFA 50 for 600 / 1100 Appliance and Security Gateway 80
  • Check Point R75.20 HFA 50 Downloads
  • Check Point R75.20.x Documentation
  • Check Point R75.20 HFA 50 Enhancements
  • Check Point R75.20 HFA 50 Resolved Issues
  • Check Point R75.20 HFA 50 Known Limitations

 

For more information, see the Check Point 1100 Appliance Product Page and Check Point 600 Appliance Product Page. You can also visit our 2012 Models Security Appliances forum or any other Check Point discussion forum to ask questions and get answers from technical peers and Support experts.

 

What's New in Check Point R75.20 HFA 50 for 600 / 1100 Appliance and Security Gateway 80

  • Support for tag-based VLAN on WAN connections
  • Support of various VoIP scenarios
  • Support for Hotspot exceptions
  • Remote Access stability fixes

Check Point R75.20 HFA 50 Downloads

Note: To download these packages you will need to have a Software Subscription or Active Support plan.

 

Check Point R75.20.x Documentation

 

Check Point R75.20 HFA 50 Enhancements

The following enhancements were incorporated into Check Point R75.20 HFA 50 for 600 / 1100 Appliance and Security Gateway 80:

ID Symptoms
Networking
01343910
Added support for the 3G modem MF669.
Configuration
01321354
Additional characters are supported in the password and shared secret fields. For more details, refer to the Administration Guide.
01340732 Added support for a manually defined access option for a server object behind NAT. For more details, refer to the Administration Guide. 
01339610  Added a checkbox for "Answer ARP requests for specific destinations". For more details, refer to the Administration Guide. 
01269454 Added support for tag-based VLAN on WAN connections. 
01322602,
01321198,
01335652,
01341357, 01335708,
01344592,
01362728
Added support of various VoIP scenarios.
CLI
01344228
Added support for the cpinfo lite command.
VPN
01206133
Improved the maximum number of concurrently open secure tunnel connections.
01350878 After a Java update to version 7 update 51 (7u51) and above, SNX functionality fails. 
WebUI
01276085
Added Application Control support for the "This Gateway" object in the outgoing Rule Base.
01316193 Added support for Remote Access DNS suffixes in locally managed mode. 
01323852  Added in the Firewall > Servers > NAT tab an advanced checkbox: "Force translated traffic to return to the gateway" (selected by default). 
01319359  Added an "Internet" option as a possible source for incoming connections.
01320443 Added the ability to exclude IP addresses from Hotspot. For more information, refer to the Administration Guide. 


Check Point R75.20 HFA 50 Resolved Issues

The following issues have been resolved with Check Point R75.20 HFA 50 for 600 / 1100 Appliance and Security Gateway 80:

Table of Contents

  • Networking
  • Configuration
  • WebUI
  • VPN
  • SmartDashboard
  • Identity / User Awareness
ID Symptoms
Networking
01361246
Setting the SSL Network Extender user re-authentication time out to longer than 24 hours does not work as expected.
01360564 1000baseT/full link speed not advertised. 
Configuration
01154095
Adding a wireless network to the switch disables existing VAPs.
01234789
An incorrect Original Destination is displayed in auto-generated NAT rules for a server defined with Hide NAT
01336721,
01362316 
When the visitor port mode is not set to port 443, a Remote Access user is unable to connect.
01338986  When creating a route for a specific host, this error is shown: IP address does not match the given mask. 
01341681 After upgrading a cluster setup, an active member starts up, but the cphaprob command reports: HA module not started.
01339613  Port forwarding on port 443 does not work. 
01344650 Configuring Remote Access with an Endpoint client, when a gateway is defined as DDNS, may not work in some cases when the gateway's IP address changes. 
01324117  Cannot define TCP service and UDP service to use the same port. 
01347608  Cannot change an administrator password from a configuration script on a USB device. 
01355523  Cannot import a CA certificate which was exported using a Mozilla Firefox browser. 
01343912  Cannot not connect to a NATed server located behind the Security Gateway 80/ 600/1100 appliance from an internal host located on a LAN behind the appliance. This happens because the Smart NAT rule match does not function properly on traffic sent internally. 
WebUI
01319958
Locally managed 600 Appliances do not download the Anti-Virus, Application Control, and IPS updates.
VPN
01184670, 01149786
The VPN Tunnels page does not show all active tunnels.
01248182
Source and destination IP addresses are reversed in the Alert log indicating that the tunnel is down.
01195240
The WebUI freezes when setting VPN S2S with encryption domain route all traffic.
01340114
When the VPN site name and network object name are the same, the VPN tunnel does not work properly.
01261068 Auto-generated VPN rules do not match for Remote Access RADIUS users.
SmartDashboard
01321380  Policy installation fails when there are too many 1100 appliances defined in SmartDashboard.

Errors in fw fetchlocal debug output: 
fw_record_ifname: cannot insert ifrec in ifname table
sfw_read_code: line 116564: Badly formed option line '% ifname: 8 DMZ' 
Identity / User Awareness
01344195
When cluster fails-over, the Identity Awareness functionality does not fail-over.
01234668 User based rules are not matched correctly when Identity Awareness is disabled.
01321751  "An error occurred while reading groups from Active Directory" error when trying to set AD group in User Awareness feature.
01346014 User Awareness with Browser Based Authentication does not work with Windows 2012 Server.

 

Check Point R75.20 HFA 50 Known Limitations

The following limitations have been found in Check Point R75.20 HFA 50 for 600 / 1100 Appliance and Security Gateway 80:

ID Symptoms
01341016
Users that are identified before User Awareness is disabled, will remain identified (for logs and rule base matching) until session timeout occurs.
01414999 "System Error: An internal error has occured. If the problem persists please contact Check Point Technical Assistance Center. Details: Failed to delete file" error message appears when trying to delete Trusted CA. 
This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment