https://community.checkpoint.com/t5/Firewall-and-Security-Management/Excluding-RADIUS-queries-from-being-processed-by-implied-rules/m-p/114016#M15914 <P>Linked on the bottom of the SK you mentioned seems to answer that question:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk31692" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk31692</A><BR />Tried that?</P> Thu, 18 Mar 2021 19:56:53 GMT PhoneBoy 2021-03-18T19:56:53Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Excluding-RADIUS-queries-from-being-processed-by-implied-rules/m-p/113901#M15905 <DIV class="lia-quilt-row lia-quilt-row-message-subject"><DIV class="lia-quilt-column lia-quilt-column-24 lia-quilt-column-single lia-quilt-column-message-subject-content"><DIV class="lia-quilt-column-alley lia-quilt-column-alley-single"><DIV class="topic-subject-wrapper"><DIV class="lia-message-subject lia-component-message-view-widget-subject"><DIV class="MessageSubject"><DIV class="lia-message-subject">&nbsp;</DIV></DIV></DIV></DIV></DIV></DIV></DIV><DIV class="lia-quilt-row lia-quilt-row-message-body"><DIV class="lia-quilt-column lia-quilt-column-24 lia-quilt-column-single lia-quilt-column-message-body-content"><DIV class="lia-quilt-column-alley lia-quilt-column-alley-single"><DIV class="lia-message-body lia-component-message-view-widget-body lia-component-body-signature-highlight-escalation lia-component-message-view-widget-body-signature-highlight-escalation"><DIV class="lia-message-body-content"><P>Hi all,&nbsp;</P><P>My particular issue is that my RADIUS queries are sent in cleartext - whereas they should be sent through the S2S VPN tunnel I have set up.&nbsp;</P><P>I know there's a way to exclude LDAP queries from implied rules --&nbsp;sk26059</P><P>But does anyone know of a way to exclude RADIUS queries?</P><P>I am working on a 77.20.87 SMB device&nbsp;</P><P>I am not finding anything on the subject in the various Check Point knowledge bases and administration guides.&nbsp;</P><P>Thank you</P><P>John</P></DIV></DIV></DIV></DIV></DIV> Thu, 18 Mar 2021 09:58:41 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Excluding-RADIUS-queries-from-being-processed-by-implied-rules/m-p/113901#M15905 JohnMcClain 2021-03-18T09:58:41Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Excluding-RADIUS-queries-from-being-processed-by-implied-rules/m-p/114016#M15914 <P>Linked on the bottom of the SK you mentioned seems to answer that question:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk31692" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk31692</A><BR />Tried that?</P> Thu, 18 Mar 2021 19:56:53 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Excluding-RADIUS-queries-from-being-processed-by-implied-rules/m-p/114016#M15914 PhoneBoy 2021-03-18T19:56:53Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Excluding-RADIUS-queries-from-being-processed-by-implied-rules/m-p/114074#M15926 <P>Yes -&nbsp;<SPAN>&nbsp;</SPAN><EM><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk31692&amp;partition=Advanced&amp;product=Security" target="_blank" rel="noopener noreferrer">sk31692 RADIUS/SecurID packets are being picked up by an implied rule instead of being encrypted</A></EM><SPAN>&nbsp;</SPAN></P> <P>For centrally managed units see&nbsp;<A href="https://community.checkpoint.com/t5/SMB-Gateways-Spark/SMB-units-SMS-files-for-VPN-fine-tuning/td-p/39541" target="_blank">https://community.checkpoint.com/t5/SMB-Gateways-Spark/SMB-units-SMS-files-for-VPN-fine-tuning/td-p/39541</A>&nbsp;on how to implement it.</P> <P>For local management&nbsp;See my posting here:&nbsp;<A id="link_89" class="page-link lia-link-navigation lia-custom-event" href="https://community.checkpoint.com/t5/SMB-Appliances-and-SMP/Changing-implied-rules-def-on-locally-managed-SMBs/m-p/40243" target="_blank" rel="noopener">Changing implied_rules.def on locally managed SMBs</A></P> <P>&nbsp;</P> <P>&nbsp;<SPAN>sk31692</SPAN></P> Fri, 19 Mar 2021 11:04:25 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Excluding-RADIUS-queries-from-being-processed-by-implied-rules/m-p/114074#M15926 G_W_Albrecht 2021-03-19T11:04:25Z