https://community.checkpoint.com/t5/Mobile/Mobile-Access-Reverse-Proxy-R80-40-Limitations/m-p/142603#M768 <P>Hello, Just want to share our experience implementing the MoB Reverse Proxy in R80.40.</P><P>Note: The <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk110348&amp;partition=Advanced&amp;product=Mobile" target="_blank" rel="noopener">sk110348</A> is a great article in conjunction with <A href="https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_MobileAccess_AdminGuide/Topics-MABG/Reverse-Proxy.htm?tocpath=_____17" target="_blank" rel="noopener"><SPAN class=""><SPAN class="">MoB R80.40 admin Guide.</SPAN></SPAN></A></P><P>&nbsp;</P><P>In R80.40 at least, found another limitation not explicitly noted in the SK at the time of this post:</P><P>It seems <STRONG>It is only possible to use the IP assigned to the Firewall.</STRONG></P><P>It is not possible to use another IP address that is available in the same Pub subnet.</P><P>Example: It is only possible to use the 0.0.0.2 IP (FW IP address)</P><P>/28</P><UL><LI>0.0.0.1 - GW NetworkService</LI><LI>0.0.0.2 - IP assigned to the Firewall / cluster.</LI><LI>0.0.0.3 - IP used for other NATs</LI><LI>0.0.0.4 - Free IP.</LI><LI>...</LI></UL><P>We have implemented KB, and we have tried to use the 3rd or 4th IP. But it did not work.</P><P>Only worked when we pointed the DNSs to the 2nd IP instead of 3 or 4.</P><P>Regards</P> Mon, 28 Feb 2022 10:30:35 GMT taduo 2022-02-28T10:30:35Z https://community.checkpoint.com/t5/Mobile/Mobile-Access-Reverse-Proxy-R80-40-Limitations/m-p/142603#M768 <P>Hello, Just want to share our experience implementing the MoB Reverse Proxy in R80.40.</P><P>Note: The <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk110348&amp;partition=Advanced&amp;product=Mobile" target="_blank" rel="noopener">sk110348</A> is a great article in conjunction with <A href="https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_MobileAccess_AdminGuide/Topics-MABG/Reverse-Proxy.htm?tocpath=_____17" target="_blank" rel="noopener"><SPAN class=""><SPAN class="">MoB R80.40 admin Guide.</SPAN></SPAN></A></P><P>&nbsp;</P><P>In R80.40 at least, found another limitation not explicitly noted in the SK at the time of this post:</P><P>It seems <STRONG>It is only possible to use the IP assigned to the Firewall.</STRONG></P><P>It is not possible to use another IP address that is available in the same Pub subnet.</P><P>Example: It is only possible to use the 0.0.0.2 IP (FW IP address)</P><P>/28</P><UL><LI>0.0.0.1 - GW NetworkService</LI><LI>0.0.0.2 - IP assigned to the Firewall / cluster.</LI><LI>0.0.0.3 - IP used for other NATs</LI><LI>0.0.0.4 - Free IP.</LI><LI>...</LI></UL><P>We have implemented KB, and we have tried to use the 3rd or 4th IP. But it did not work.</P><P>Only worked when we pointed the DNSs to the 2nd IP instead of 3 or 4.</P><P>Regards</P> Mon, 28 Feb 2022 10:30:35 GMT https://community.checkpoint.com/t5/Mobile/Mobile-Access-Reverse-Proxy-R80-40-Limitations/m-p/142603#M768 taduo 2022-02-28T10:30:35Z https://community.checkpoint.com/t5/Mobile/Mobile-Access-Reverse-Proxy-R80-40-Limitations/m-p/142808#M769 <P>I assume this is because the underlying MultiPortal infrastructure only works on the gateway IP and not others.</P> Wed, 02 Mar 2022 15:21:26 GMT https://community.checkpoint.com/t5/Mobile/Mobile-Access-Reverse-Proxy-R80-40-Limitations/m-p/142808#M769 PhoneBoy 2022-03-02T15:21:26Z