https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270627#M14356 <P>Hey guys,</P> <P>Figured would share below, as this sort of rule is needed for correct SASE access.</P> <P>source:</P> <P>any (or whatever source appropriate)</P> <P>dst:</P> <P>.api.perimeter81.com*<BR />.cws.checkpoint.com<BR />.fonts.googleapis.com<BR />.p81-assets.perimeter81.com<BR />.perimeter81.com<BR />.sdp.perimeter81.com*<BR />.sdpv2-agent-ws.perimeter81.com<BR />.company.perimeter81.com (example apple.perimeter81.com, whatever sase portal shows for the link)<BR />.te.checkpoint.com<BR />.upgrade.bitdefender.com<BR />.url-rep.kube1.iaas.checkpoint.com<BR />.web-rep.iaas.checkpoint.com<BR />.yarkon-443.perimeter81.com<BR />.yarkon.perimeter81.com<BR />POPs as well</P> <P>services:</P> <P>https<BR />tcp-50051<BR />Wireguard_51821<BR />Wireguard_8000<BR />Wireguard_8055<BR />UDP_1194<BR />UDP_636<BR />TCP_1195<BR />TCP_8443<BR />wireguard protocol</P> <P><BR />log</P> Thu, 12 Feb 2026 16:52:33 GMT the_rock 2026-02-12T16:52:33Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270627#M14356 <P>Hey guys,</P> <P>Figured would share below, as this sort of rule is needed for correct SASE access.</P> <P>source:</P> <P>any (or whatever source appropriate)</P> <P>dst:</P> <P>.api.perimeter81.com*<BR />.cws.checkpoint.com<BR />.fonts.googleapis.com<BR />.p81-assets.perimeter81.com<BR />.perimeter81.com<BR />.sdp.perimeter81.com*<BR />.sdpv2-agent-ws.perimeter81.com<BR />.company.perimeter81.com (example apple.perimeter81.com, whatever sase portal shows for the link)<BR />.te.checkpoint.com<BR />.upgrade.bitdefender.com<BR />.url-rep.kube1.iaas.checkpoint.com<BR />.web-rep.iaas.checkpoint.com<BR />.yarkon-443.perimeter81.com<BR />.yarkon.perimeter81.com<BR />POPs as well</P> <P>services:</P> <P>https<BR />tcp-50051<BR />Wireguard_51821<BR />Wireguard_8000<BR />Wireguard_8055<BR />UDP_1194<BR />UDP_636<BR />TCP_1195<BR />TCP_8443<BR />wireguard protocol</P> <P><BR />log</P> Thu, 12 Feb 2026 16:52:33 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270627#M14356 the_rock 2026-02-12T16:52:33Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270777#M14363 <P>There is also an application control object that could be used as well.&nbsp;</P> <DIV id="tinyMceEditor_6f2de69290a02masher_5" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="SmartConsole_QNULEmfnRX.png" style="width: 354px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/33295iED0560E9D123CBC3/image-size/medium?v=v2&amp;px=400" role="button" title="SmartConsole_QNULEmfnRX.png" alt="SmartConsole_QNULEmfnRX.png" /></span></P> <DIV id="tinyMceEditor_6f2de69290a02masher_0" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <DIV id="tinyMceEditor_6f2de69290a02masher_3" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> <DIV id="tinyMceEditor_6f2de69290a02masher_2" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> <DIV id="tinyMceEditor_6f2de69290a02masher_1" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> Fri, 13 Feb 2026 14:09:43 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270777#M14363 masher 2026-02-13T14:09:43Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270778#M14364 <P>Ah yes, excellent point&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/1030">@masher</a>&nbsp;</P> Fri, 13 Feb 2026 14:10:51 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270778#M14364 the_rock 2026-02-13T14:10:51Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270780#M14365 <P>I see btw that covers all those ports/services I listed...NICE!</P> Fri, 13 Feb 2026 14:13:08 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270780#M14365 the_rock 2026-02-13T14:13:08Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270785#M14366 <P>You can find similar information here:</P> <P><A href="https://support.checkpoint.com/results/sk/sk182251" target="_blank">https://support.checkpoint.com/results/sk/sk182251</A></P> Fri, 13 Feb 2026 14:28:40 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270785#M14366 Chris_Atkinson 2026-02-13T14:28:40Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270786#M14367 <P>Thanks Chris!</P> Fri, 13 Feb 2026 14:30:22 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270786#M14367 the_rock 2026-02-13T14:30:22Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270813#M14370 <P>Is the whole whitelisting guide salient if the agent is on prem, and using the trusted network feature (with agent security disabled)?</P> Fri, 13 Feb 2026 17:19:45 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Rule-needed-for-proper-SASE-access/m-p/270813#M14370 D_TK 2026-02-13T17:19:45Z