Check antimalware signature update process by cli on Checkpoint Endpoint Server
If antimalware signature updates doesn’t works, it’s possible to see more details running it by cli. To do that open 2 ssh sessions, on one run:
cd $UEPMDIR/engine/conf/updates/bin/kav8
./keepup2date8.sh –download –simplelic –xmlfile confZLToProduction.xml –journal update.log
And on the other one run a tail on the log file:
tailf update.log
Of course it’s possible to run it all in a single ssh session and take a look to the log once update process is finished
Checkpoint: Remote access VPN users recive IP addresses which are allocated in ipassignment.conf
After adding IP addresses to $FWDIR/conf/ipassignment.conf you can observe in smartlog that the IP addresses are beign assigned to other users. If you face with this problem, you have to use different networks for Officemode and ipassignment.conf. You can do it by subnetting the Officemode address pool or by using different networks.
Once you have different networks configured, if Antispoofing is enabled for Internet interface, you must to add the network used in $FWDIR/conf/ipassignment.conf to the exceptions for Antipoofing for that interface.