https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182597#M264 <P>What version/JHF level?<BR />When you say "this SK article" what precise one?<BR />Also, what precise client are you using here to connect?</P> <P>Changing the WebUI port shouldn't be necessary here, as we handle this via Multiportal.</P> Tue, 30 May 2023 18:05:27 GMT PhoneBoy 2023-05-30T18:05:27Z https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182423#M263 <P>Hi Everyone,</P><P>&nbsp;</P><P>I'm practicing deploying CloudGuard Network Security Solution on Azure Public Cloud and I'm facing connectivity issues with setting up Remote-Access VPN.</P><P>&nbsp;</P><P>On the web-browser, I can see that the gateway is resetting the connection: <STRONG>"It looks like&nbsp;<FONT color="#000000">&lt;GW-Pub-IP-Addr&gt;</FONT>&nbsp;closed the connection</STRONG>&nbsp;-&gt; <STRONG>ERR_CONNECTION_</STRONG><STRONG>CLOSED"&nbsp;</STRONG></P><P>&nbsp;</P><P>The Architecture:</P><UL><LI>CloudGuard Single Gateway deployed with 2 interfaces: eth0 and eth1. The static public IP is assigned to eth0:1 sub-interface.</LI><LI>The SMS is on an on-premise VMware Workstation.</LI><LI>IPsec VPN and Mobile Access VPN blades are enabled on the gateway.</LI></UL><P>&nbsp;</P><P>I followed this SK article: <I><A href="https://support.checkpoint.com/results/sk/sk109360#" target="_blank">Check Point Reference Architecture for Azure</A></I>. The best practices section speaks about the <STRONG>IPsec VPN, Link Selection Source IP Address&nbsp;settings</STRONG>, where it says to select the private IP address of the gateway's external interface to&nbsp;<SPAN>ensure that the Gateway in the Azure cloud sends encrypted traffic with the source address set to its private IP address.</SPAN></P><P>Is there anything similar to do for Remote Access VPN configuration as well?</P><P>&nbsp;</P><UL><LI>Anti-Spoofing is disabled on both external and internal interfaces.</LI><LI>I suspected there might be a conflict with Web-UI and changed the <STRONG>web ssl-port</STRONG> from 443 to 4434. Even then the issue persists.</LI></UL><P>&nbsp;</P><P>Could anyone help me to know what should I be troubleshooting for, please?</P><P>&nbsp;</P><P>Thank you!&nbsp;</P><P>&nbsp;</P> Wed, 31 May 2023 04:16:55 GMT https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182423#M263 chethan_m 2023-05-31T04:16:55Z https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182597#M264 <P>What version/JHF level?<BR />When you say "this SK article" what precise one?<BR />Also, what precise client are you using here to connect?</P> <P>Changing the WebUI port shouldn't be necessary here, as we handle this via Multiportal.</P> Tue, 30 May 2023 18:05:27 GMT https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182597#M264 PhoneBoy 2023-05-30T18:05:27Z https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182635#M265 <P><EM>What version/JHF level? </EM>&gt;&gt;&gt;&gt;&nbsp;<STRONG>R81.10 JHF Take 95</STRONG></P><P><EM>When you say "this SK article" what precise one?</EM> &gt;&gt;&gt;&gt;&nbsp;<STRONG>SK Article:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk109360#" target="_blank" rel="noopener">Check Point Reference Architecture for Azure</A></STRONG></P><P><SPAN><EM>Also, what precise client are you using here to connect? &gt;</EM>&gt;&gt;&gt;&nbsp;</SPAN><STRONG>Checkpoint Endpoint Security VPN and from Web Browser</STRONG></P><P><EM>Changing the WebUI port shouldn't be necessary here, as we handle this via Multiportal. &gt;&gt;&gt;&gt;&nbsp;</EM></P><P><SPAN>You're right. Not only <STRONG>https://&lt;ip&gt;/sslvpn</STRONG> URL, it&nbsp;looks like even the GAIA WebUI is also refusing to connect over port 443. But it works when I change the port to 4434.</SPAN></P> Wed, 31 May 2023 04:31:49 GMT https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182635#M265 chethan_m 2023-05-31T04:31:49Z https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182657#M266 <P>The solution to my problem was found here (sk115732):&nbsp;<A href="https://support.checkpoint.com/results/sk/sk115732" target="_blank">Unable to connect to Gaia Portal on port 443 (checkpoint.com)</A></P> Wed, 31 May 2023 09:23:48 GMT https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182657#M266 chethan_m 2023-05-31T09:23:48Z https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182659#M267 <P>Thanks for sharing</P> Wed, 31 May 2023 09:32:23 GMT https://community.checkpoint.com/t5/Cloud-Firewall/CloudGuard-Remote-Access-SSL-VPN-Connectivity-Issue/m-p/182659#M267 _Val_ 2023-05-31T09:32:23Z