https://community.checkpoint.com/t5/Firewall-and-Security-Management/Implied-rule-allowing-external-https-traffic-which-need-to-block/m-p/228650#M43993 <P>You'll probably need to do something like this to change the implied rules:&nbsp;<A href="https://community.checkpoint.com/t5/Security-Gateways/How-to-disable-Gaia-access-from-the-Internet/m-p/89654/highlight/true#M6863" target="_blank">https://community.checkpoint.com/t5/Security-Gateways/How-to-disable-Gaia-access-from-the-Internet/m-p/89654/highlight/true#M6863</A><BR />Note that the file you will need to edit will be in the relevant backward compatibility directory on your management rather than $FWDIR/lib.</P> <P>Or you can create an fw samp rule to block the necessary traffic:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk164472" target="_blank">https://support.checkpoint.com/results/sk/sk164472</A>&nbsp;</P> Tue, 01 Oct 2024 15:26:24 GMT PhoneBoy 2024-10-01T15:26:24Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Implied-rule-allowing-external-https-traffic-which-need-to-block/m-p/228620#M43983 <P>Noticed internet resources are accessing our firewall external interface ip with port 443. These traffics are allowed through implied rule and looking for fix. These gateways are running old gaia version 77.20.&nbsp;</P><P>Unable to find solution on the checkmates, due to this old gaia version and TAC case also not possible.&nbsp;</P><P>Looking for urgent solution</P> Tue, 01 Oct 2024 13:08:07 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Implied-rule-allowing-external-https-traffic-which-need-to-block/m-p/228620#M43983 ramadhas 2024-10-01T13:08:07Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Implied-rule-allowing-external-https-traffic-which-need-to-block/m-p/228650#M43993 <P>You'll probably need to do something like this to change the implied rules:&nbsp;<A href="https://community.checkpoint.com/t5/Security-Gateways/How-to-disable-Gaia-access-from-the-Internet/m-p/89654/highlight/true#M6863" target="_blank">https://community.checkpoint.com/t5/Security-Gateways/How-to-disable-Gaia-access-from-the-Internet/m-p/89654/highlight/true#M6863</A><BR />Note that the file you will need to edit will be in the relevant backward compatibility directory on your management rather than $FWDIR/lib.</P> <P>Or you can create an fw samp rule to block the necessary traffic:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk164472" target="_blank">https://support.checkpoint.com/results/sk/sk164472</A>&nbsp;</P> Tue, 01 Oct 2024 15:26:24 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Implied-rule-allowing-external-https-traffic-which-need-to-block/m-p/228650#M43993 PhoneBoy 2024-10-01T15:26:24Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Implied-rule-allowing-external-https-traffic-which-need-to-block/m-p/228659#M43995 <P>thank you for the swift response, let me perform above task and update you asap.</P> Tue, 01 Oct 2024 15:58:12 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Implied-rule-allowing-external-https-traffic-which-need-to-block/m-p/228659#M43995 ramadhas 2024-10-01T15:58:12Z