https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252335#M49395 <P>Have you already reviewed sk105740, sk180808 ?</P> Tue, 01 Jul 2025 12:19:03 GMT Chris_Atkinson 2025-07-01T12:19:03Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252320#M49392 <P>I'm using Check Point R82. I’ve configured NAT for ports 80 and 443 from the internet to a backend server. However, I noticed that <STRONG>HTTP/HTTPS traffic is reaching the backend even though no explicit policy rule has been created to allow it</STRONG>.</P><P>&nbsp;I suspect some <STRONG>Implied Rule</STRONG> might be allowing this by default.</P><P>&nbsp;I tried disabling some implied rule options but it didn’t work — is there any official or correct way to do this in R82?</P><P>Thanks in advance!</P> Tue, 01 Jul 2025 07:05:12 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252320#M49392 vanhieuptit4 2025-07-01T07:05:12Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252321#M49393 <P>Do you see this traffic in the traffic logs and if so can you paste it here?</P> Tue, 01 Jul 2025 07:12:22 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252321#M49393 Lesley 2025-07-01T07:12:22Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252334#M49394 <DIV class="">&nbsp;</DIV><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="implied log.png" style="width: 999px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/30849i84E29D7909C7C5BB/image-size/large?v=v2&amp;px=999" role="button" title="implied log.png" alt="implied log.png" /></span>this is log of firewall</P> Tue, 01 Jul 2025 12:07:40 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252334#M49394 vanhieuptit4 2025-07-01T12:07:40Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252335#M49395 <P>Have you already reviewed sk105740, sk180808 ?</P> Tue, 01 Jul 2025 12:19:03 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252335#M49395 Chris_Atkinson 2025-07-01T12:19:03Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252377#M49402 <P>Your NAT rule does not work because rule 0 goes before any other custom made rules.&nbsp;</P> <P>I assume you use external VIP IP of the firewall. If you use any other IP you have same issue? If you really want to use VIP IP you can follow this sk&nbsp;<A href="https://support.checkpoint.com/results/sk/sk178087" target="_blank">https://support.checkpoint.com/results/sk/sk178087</A></P> Tue, 01 Jul 2025 20:09:12 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Check-Point-allows-HTTP-HTTPS-without-rule/m-p/252377#M49402 Lesley 2025-07-01T20:09:12Z