https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249544#M48739 <P>Interesting question...personally, never heard of such a thing being feasable, but maybe you can verify with TAC.</P> <P>Andy</P> Wed, 21 May 2025 21:29:30 GMT the_rock 2025-05-21T21:29:30Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249511#M48731 <P>Hi all,</P><P>&nbsp;</P><P>I am receiving a lot of detect logs in the firewall caused by the bootp protocol. The problem is that the APs ask for an IP address for the clients using the same interface in which they ask for their own IP address (although they are different networks).</P><P>I know I can disable address spoofing for specific networks in the "Gateways and Servers" section but I can´t find anything similar for protocols. I also have thought about using&nbsp;<SPAN>fast_accel but I am not sure if this would work since address spoofing is checked before firewall rules are applied.</SPAN></P><P>So, all in all, Is there any way to bypass the address spoofing check for the bootp protocol?</P><P>&nbsp;</P><P>Thank you!</P> Wed, 21 May 2025 15:04:27 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249511#M48731 Solkah 2025-05-21T15:04:27Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249513#M48733 <P>Firstly, why do you need to do that in the first place?&nbsp;</P> <P>Also, I don't believe it is possible to bypass antispoofing for some of the traffic but not all the rest.&nbsp;<BR /><BR />Finally, please see if you can find your case and resolution in this SK:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk104114" target="_blank">https://support.checkpoint.com/results/sk/sk104114</A></P> Wed, 21 May 2025 15:29:26 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249513#M48733 _Val_ 2025-05-21T15:29:26Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249526#M48736 <P>bootp is a legacy service so i suspect you configured dhcp incorrectly. Also bypass anti-spoofing with only a service like bootp is not possible. AS is based on IP's / networks. What port is used is not relevant for this feature&nbsp;</P> Wed, 21 May 2025 16:55:02 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249526#M48736 Lesley 2025-05-21T16:55:02Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249543#M48738 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/116680">@Solkah</a>&nbsp; if both networks, the APs network and the clients network are behind the same interface of your gateway you have to configure both networks for this interface in the AntiSpoofing settings.</P> Wed, 21 May 2025 20:22:13 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249543#M48738 Wolfgang 2025-05-21T20:22:13Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249544#M48739 <P>Interesting question...personally, never heard of such a thing being feasable, but maybe you can verify with TAC.</P> <P>Andy</P> Wed, 21 May 2025 21:29:30 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249544#M48739 the_rock 2025-05-21T21:29:30Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249609#M48752 <P>Pretty sure this is not possible, and using fact_accel will not help since SecureXL/sim enforces antispoofing directly on SND's.</P> Thu, 22 May 2025 12:17:35 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Bypass-Address-Spoofing-for-a-Specific-Protocol/m-p/249609#M48752 Timothy_Hall 2025-05-22T12:17:35Z