Support Center > Search Results > SecureKnowledge Details
R77.20.86 for Small and Medium Business Appliances Technical Level

This article applies to Check Point 700 / 1400 / 910 Small and Medium Business (SMB) Appliances.

Table of Contents

  • What's New in Check Point R77.20.86 for SMB Appliances
  • Supported Appliances
  • Downloads
  • Resolved Issues
  • Known Limitations
  • Documentation
  • Revision History 

For more information, refer to the following Product Pages: Check Point 700Check Point 1400 and Check Point 910.

Visit Check Point CheckMates Community to ask questions, start a discussion, and get expert assistance.

Important Note: This may not be the latest firmware release. To see the latest firmware release, refer to sk97766.

What's New in Check Point R77.20.86 for SMB Appliances?

  • New Mobile Application
    • Push notifications for immediate reaction to security and network events.
    • Easily manage and switch between multiple Security Gateways with a single login.
    • Monitor your network and security status with simplified pages of statistics for traffic, events, and more. 
    • In addition to the above, R77.20.86 includes many other important features. For more information, refer to the SMB WatchTower App Release Notes
  • Send security logs to an on-premise LogServer when connected to vSMP.
  • The VPN remote access user password can now consist of more than eight characters. 


Supported Appliances

The supported appliances are:

  • 700
  • 910
  • 1400



Effective 1 April 2019: Build 990172855 for R77.20.86 image has been released for 700/900/1400 appliances.

Resolved issue in Build 990172855: When a new firmware is suggested through the WebUI, clicking the "update now" button does not work. 

Important Note: Check the MD5 string before installing the downloaded file.

Important Note: To download these packages, you will need a Software Subscription or Active Support plan.

Download Package 700 Appliance 910 Appliance 1400 Appliance
R77.20.86 Image (IMG) (IMG) (IMG)
R77.20.86 package for SmartUpdate - - For R77.30 SmartUpdate and SmartProvisioing
For R80.x SmartUpdate

WatchTower App Download

Resolved Issues

The table below lists the resolved issues in R77.20.86:

ID Description
QoS load configuration fails when the name of the Internet connection contains a space.
SMB-7402 The user receives a false Non-Compliant DNS logs error message (illegal EDNS0 RR) due to an Illegal Resource Record format in the debug and Bad Resource Record format. This results in dropped legitimate DNS queries (DNS flag day compliance).
SMB-7442 Gateways configured with multiple Internet connections that are running R77.20.85 (build 990172731) firmware may experience very high CPU usage, which results in high network latency, possible network outage, and may sometimes make the appliance inaccessible.
SMB-7394 A server object with the hide NAT option enabled in a locally managed cluster is not accessible from external networks via the cluster's external virtual IP. It can only be accessed via the member's external physical IP.
SMB-7982 In HFA version R77.20.85, with build numbers lower than 990172755, when HTTPS inspection is enabled in the policy, memory consumption may increase gradually until available memory is depleted, causing a network outage.
SMB-7852 When HTTPs inspection is enabled and the Threat Prevention blades are configured to inspect the IMAPS email protocol, the IMAPS traffic is dropped.
SMB-7710 When creating a new server object in the WebUI (Users & Objects > Servers > New), in step 4 of the wizard, entering an IP address in the Static NAT field results in this error message: "Invalid object name"
SMB-7473 When creating a Firewall policy rule or a NAT manual rule in the WebUI, setting the source or destination as an IP address results in this error message: "Invalid object name"
SMB-8149 The user cannot generate reports from the WebUI if the report data includes an apostrophe character. See sk148473.
SMB-6647 Traffic accelerated by SecureXL does not reach its destination if the MAC address is zero.
SMB-7497 A Web server error appears on the 'Connected Remote Users' page if hotspot users are connected.
SMB-7183 An image upgrade may fail in the rare event that the last block in the kernel partition is bad.
SMB-6462 VPN tunnel initiation fails when using IKE v2 with 3rd party peers which only accept IPv4 as IDi (instead of IKE_ID) during the key exchange process.


Known Limitations

The table below lists known limitations in R77.20.86:

ID Description
SMB-7461 In locally managed mode, when you configure Site to Site VPN and select the "Route All Traffic" option, security logs will not be sent to an external Log Server.
SMB-6915 IPv6 related events are not included in gateway notifications for the web portal and mobile application.
SMB-7323 When a user blocks a device via the mobile application, only new connections are blocked.



Release Notes
Check Point SMB Appliances R77.20.86 Release Notes
SMB Check Point WatchTower Release Notes
Administration Guides
Check Point 700/900 Appliances R77.20.86 Administration Guide
Check Point 1400 Appliances Locally Managed R77.20.86 Administration Guide
Check Point 1400 Appliances Centrally Managed R77.20.86 Administration Guide
Check Point 700/900/1400 Appliance R77.20.86 CLI Guide
SMB WatchTower App User Guide
Related Solutions
sk97766 - Check Point 600 / 1100 / 1200R / 700 / 1400 / 910 Appliances Releases
sk105380 - Check Point R77.20 for 600 / 700 /1100 / 1200R / 1400 / 910 Appliance Known Limitations


Revision History

Show / Hide this section
Date Description
20 March 2019 First release of this document. 

Give us Feedback
Please rate this document