Megamon Tech Blog

IT issues resolved

Browsing Posts in Checkpoint

We ping sweep networks every minute. Sometimes, when pinging firewall clusters, a random interface does not respond to ICMP requests. This occurs when you ping multiple IPs of the firewall at the same time.
Checkpoint R71:
fw ctl set int fw_allow_simultaneous_ping 1
See https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk38465 for instructions on how to get the command to survive a […]

If you see these messages:
Jul 4 09:49:50 xxxfw2 kernel: NET: 89 messages suppressed.
Jul 4 09:49:50 xxxfw2 kernel: Neighbour table overflow.
Jul 4 09:50:04 xxxfw2 kernel: NET: 22 messages suppressed.
Jul 4 09:50:04 xxxfw2 kernel: Neighbour table overflow.
Jul 4 09:50:04 xxxfw2 kernel: Neighbour table overflow.
Jul 4 09:50:05 xxxfw2 kernel: NET: 65 messages […]

Encountered issues with Checkpoint R75
Scenario: A number of R62 and R65 gateways cannot be burnt to from R75 manager. However gateways that are greater than or equal to R70.40 burn fine.
Error message in /var/log/messages on gateway:
fwloghandle_register_string: unable to put entry into table
Solution: Edit /etc/grub.conf on the target gateway and add vmalloc=512M […]

A fresh install of SecurePlatform is broken for PPPoE (tested on releases R70, R70.20, R70.30 and R71). You need to execute the following command, and also add it to your /etc/rc.d/rc.local so it survives a reboot:
mknod /dev/ppp c 108 0

The Checkpoint knowledge base suggests you reboot to enable proxy ARP. Not a great idea if you have a firewall cluster in production. Check to see if proxy ARP is enabled on your Ethernet interface (eth0 in this example):
cat /proc/sys/net/ipv4/conf/eth0/proxy_arp
It will return 1 or 0, enabled or disabled. To set:
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp […]