I'm now a Check Point Certified System Administrator (CCSA)! I took the
R77 exam and passed. I have to say I was a little disappointed with the
exam - there were 100 questions in 90 minutes, but I found a lot of the
questions were repeated - albeit with a slightly different phrasing.
Below are the notes I made while I was studying. Definitely lab it
I was recently involved in a project upgrading the core firewall pair
from Checkpoint R71.40 SPLAT to R77.20 GAiA. While very different, a lot
of the configuration is pretty straight forward, and well documented in
various articles on the Checkpoint website.
This setup runs BGP on the firewalls, to learn routes from our internal
VRF's and also the WAN VRF where our MPLS …
I encountered an issue recently while trying to allow access to a new
subnet over an existing VPN. The far end device was a Cisco router, and
had an access list matching an entire class A subnet which was applied
to the crypto map. The traffic destined for the new subnet was arriving
at our firewall, and showing in the logs as dropped, with the …