<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Mobile Access VPN - Unautharized SSL Traffic in SASE and Remote Access</title>
    <link>https://community.checkpoint.com/t5/SASE-and-Remote-Access/Mobile-Access-VPN-Unautharized-SSL-Traffic/m-p/105840#M11207</link>
    <description>&lt;P&gt;Did you ever finde a solution on this problem Caner_Altinel ?&lt;/P&gt;</description>
    <pubDate>Fri, 18 Dec 2020 12:26:25 GMT</pubDate>
    <dc:creator>vigggen</dc:creator>
    <dc:date>2020-12-18T12:26:25Z</dc:date>
    <item>
      <title>Mobile Access VPN - Unautharized SSL Traffic</title>
      <link>https://community.checkpoint.com/t5/SASE-and-Remote-Access/Mobile-Access-VPN-Unautharized-SSL-Traffic/m-p/78711#M11205</link>
      <description>&lt;P&gt;Hi there,&lt;/P&gt;&lt;P&gt;I upgraded the Checkpoint R77.30 to R80.30 2-3 weeks ago. Now company wants workers to have a VPN account and can make a RDP connection to their office PC's. I had already had some" Local Users" for 3rd party and some IT workers, and the VPN was working fine.&lt;/P&gt;&lt;P&gt;Recent days I have some issue that, even a Mobile Access user has a Native Application rule for RDP, Checkpoint drops the RDP connection via MAB Rules.&lt;/P&gt;&lt;P&gt;For example a user (local user or LDAP User )connects to Mobile Access via SNX Portla and gets the Office Mode IP. Then makes the RDP connection that I allowed. But some time later (random time later) this user gets dropped by MAB rules out of nowhere. Logs say (layer_name : MAB Rules - Rule Name : Unatharized SSL Traffic). Even retrying the connection, cp keep dropping the RDP packets.&lt;/P&gt;&lt;P&gt;Again after some random time later, same user connects the same IP with no problem. This keeps going every day. Any the "drop" problem happens same time for various users.&lt;/P&gt;&lt;P&gt;I have license for 100 users so this can't be the issue, and when I check the User's Group info with "pdp monitor user ..." I see that the groups are true for the users that gets the drop logs.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I already tried&amp;nbsp;&lt;SPAN&gt;sk97811 but it didn't solve the problem.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;Add a new variable in Check Point Registry on Management Server - 'SNX_ALLOW_GW_TO_GW' and set its value to 1:&lt;/P&gt;&lt;P&gt;On Security Management Server:&lt;/P&gt;&lt;P&gt;[Expert@MGMT]# ckp_regedit -a SOFTWARE/CheckPoint/VPN1 SNX_ALLOW_GW_TO_GW -n 1&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Any Ideas for the issue?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Regards,&lt;/P&gt;</description>
      <pubDate>Wed, 18 Mar 2020 17:32:29 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/SASE-and-Remote-Access/Mobile-Access-VPN-Unautharized-SSL-Traffic/m-p/78711#M11205</guid>
      <dc:creator>Caner_Altinel</dc:creator>
      <dc:date>2020-03-18T17:32:29Z</dc:date>
    </item>
    <item>
      <title>Re: Mobile Access VPN - Unautharized SSL Traffic</title>
      <link>https://community.checkpoint.com/t5/SASE-and-Remote-Access/Mobile-Access-VPN-Unautharized-SSL-Traffic/m-p/79162#M11206</link>
      <description>Have you opened a TAC case?</description>
      <pubDate>Sat, 21 Mar 2020 23:59:16 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/SASE-and-Remote-Access/Mobile-Access-VPN-Unautharized-SSL-Traffic/m-p/79162#M11206</guid>
      <dc:creator>PhoneBoy</dc:creator>
      <dc:date>2020-03-21T23:59:16Z</dc:date>
    </item>
    <item>
      <title>Re: Mobile Access VPN - Unautharized SSL Traffic</title>
      <link>https://community.checkpoint.com/t5/SASE-and-Remote-Access/Mobile-Access-VPN-Unautharized-SSL-Traffic/m-p/105840#M11207</link>
      <description>&lt;P&gt;Did you ever finde a solution on this problem Caner_Altinel ?&lt;/P&gt;</description>
      <pubDate>Fri, 18 Dec 2020 12:26:25 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/SASE-and-Remote-Access/Mobile-Access-VPN-Unautharized-SSL-Traffic/m-p/105840#M11207</guid>
      <dc:creator>vigggen</dc:creator>
      <dc:date>2020-12-18T12:26:25Z</dc:date>
    </item>
  </channel>
</rss>

