Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What Checkpoint Licenses entitle me to

Status
Not open for further replies.
Finton

Finton

MIS
May 7, 2004
11
IE
What does a "Check Point Express - VPN-1 Express Gateway for 50 Users" license entitle me to. Does it mean that the firewall will protect 50 ip addresses behind it or does it relate to the total number of connections allowed through the firewall by the license. When I do the command "fw tab -t connections -s" the number of VALS is 1165 for example. My understanding of this is that there is currently 1165 connections through the firewall. I thought the number of connections was only limited by the spec of the firewall (memory etc) and not the license but I could be wrong. Any help/suggestions greatly appreciated...

--------------------------------------
Damien Allen CCNP,CCSE NG AI
--------------------------------------
 
Sort by date Sort by votes
50 user licence" is the number of hosts that it is licenced to protect. It's nothing to do with the number of active connections.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Upvote 0 Downvote
Thanks for getting back to me Chris that is what I thought. If I issue the command fw lichosts would I be right in saying this shows me the protected hosts. If protected hosts exceeds 50 what sort of problems would you expect to see.

--------------------------------------
Damien Allen CCNP,CCSE NG AI
--------------------------------------
 
Upvote 0 Downvote
Well, when the number of protected hosts exceeds the licence count, it doesn't actually stop any traffic or prevent new hosts from accessing resources across the firewall. What it does do is generate lots of logging and warning to the effect that you are exceeding your limit and this has a knock on effect on the performance of the firewall.

To be honest, we've had clients firewalls exceeding the licence limit for months without any real problems. That's not to say that you shouldn't have the correct licence of course.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Upvote 0 Downvote
My understanding of the licincing is you get about 10-20% leeway so you will get logging posted but as this number rises the logging becomes more pronounced until it will kill all performance
 
Upvote 0 Downvote
Exactly right. Best to have the correct licence.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Upvote 0 Downvote
Thanks for your help guys, much appreciated.

--------------------------------------
Damien Allen CCNP,CCSE NG AI
--------------------------------------
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
1K
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
798
Johnkite
Johnkite
mattbarkerlfc
  • Locked
  • Question
Checkpoint 2200 subnet overlap problem
Replies
0
Views
201
mattbarkerlfc
mattbarkerlfc
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
747
nnaarrnn
nnaarrnn
GeorgeAlba
  • Locked
  • Question
What do you think about this proxy
Replies
0
Views
292
GeorgeAlba
GeorgeAlba

Part and Inventory Search

Sponsor

Back
Top