I have been seeing R80.20 upgrade problems the past few months with a few of my customers. One move was from R77.20 to R80.20 and the other from R77.30 to R80.20. These were “in-place” upgrades.
In both cases, after the Security Management Server (SMS) rebooted there was a problem. That problem in both cases had to do with the SMS not being able to recognize the older gateways. This kept us from installing the policy after the upgrade (not good).
In the R77.30 case, the gateway objects would not display a version in the drop-down list.
For the R77.20 move I saw the following:
After about ten minutes the support engineer came back and provided a backwards compatibility RPM:
It is a 7MB package, and after applying the patch (no reboot required) we were able to install the policy.
From what I can tell, any R80.20 SMS should have this file if you need to manage R77.x gateways from an R80.20 SMS. To check if it is installed:
rpm -qa | grep CPR77CMP-R80.20-00.i386
At this time, Check Point still does not have an SK article on this issue, or list the RPM in the Knowledge Base. If you do not see this package on the SMS after the upgrade/reboot, get a hold of Check Point support and ask for it. They will host it on their SCP site.
Download it. Verify the checksum. Then install it with:
rpm -ivh CPR77CMP-R80.20-00.i386.rpm
You will be back in business in no time.