https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217234#M41358 <P>Hi All,</P><P>we have checkpoint r81.10 security gateway and I see logs for the firewall blade with action "bypass" can you please explain this for me I taught bypass is for the https blade ?</P><P>Thanks</P> Wed, 12 Jun 2024 05:33:23 GMT Ihenock1011 2024-06-12T05:33:23Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217234#M41358 <P>Hi All,</P><P>we have checkpoint r81.10 security gateway and I see logs for the firewall blade with action "bypass" can you please explain this for me I taught bypass is for the https blade ?</P><P>Thanks</P> Wed, 12 Jun 2024 05:33:23 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217234#M41358 Ihenock1011 2024-06-12T05:33:23Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217239#M41359 <P>Good question, I just checked some customers logs and could see that smtp/pop traffic is bypassed. Is it smtp/pop traffic in your case as well?</P> Wed, 12 Jun 2024 06:33:52 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217239#M41359 796570686578 2024-06-12T06:33:52Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217241#M41360 <P>Yes It is SMTP Traffic.</P> Wed, 12 Jun 2024 06:37:06 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217241#M41360 Ihenock1011 2024-06-12T06:37:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217260#M41362 <P>SMTP(S) i.e. TLS per&nbsp;<SPAN>sk98973?</SPAN></P> Wed, 12 Jun 2024 10:31:54 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217260#M41362 Chris_Atkinson 2024-06-12T10:31:54Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217810#M41512 <P>Posting a screenshot of the full log card with sensitive details redacted might be helpful.&nbsp;</P> Mon, 17 Jun 2024 16:44:54 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217810#M41512 PhoneBoy 2024-06-17T16:44:54Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217817#M41515 <P>I agree with Phoneboy...if you attach a log itself, would definitely help.</P> <P>Andy</P> Mon, 17 Jun 2024 18:04:14 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217817#M41515 the_rock 2024-06-17T18:04:14Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217819#M41516 <P>This is the correct SK for this question. I have the same with my customers.&nbsp;</P> Mon, 17 Jun 2024 18:31:04 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Firewall-blade-log-action-bypass/m-p/217819#M41516 Lesley 2024-06-17T18:31:04Z