https://community.checkpoint.com/t5/SASE-and-Remote-Access/connection-Issue-running-a-Quantum-SASE-client-Perimeter81/m-p/200042#M933 <P>Hi,</P><P>using the Perimeter81 client behind a spark appliance the network connection to the P81 private or public network didn't work. The connection went down after some seconds. Concerning the logs of the Spark appliance nothing had been blocked but running a zdebug drop you can see "<EM>dropped by fwmultik_process_f2p_cookie_inner Reason: PSL Drop: ADVP" </EM>messages for port 51821.&nbsp; To get it running I had&nbsp; added a dedicate Service for the&nbsp;WireGuard&nbsp; UDP ports 51821, 8000 and&nbsp; 8055 with the <EM>Protocol Type</EM> None and put them in a allow rule.</P><P>Thomas</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 08 Dec 2023 09:51:50 GMT Thomas_Hesse 2023-12-08T09:51:50Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/connection-Issue-running-a-Quantum-SASE-client-Perimeter81/m-p/200042#M933 <P>Hi,</P><P>using the Perimeter81 client behind a spark appliance the network connection to the P81 private or public network didn't work. The connection went down after some seconds. Concerning the logs of the Spark appliance nothing had been blocked but running a zdebug drop you can see "<EM>dropped by fwmultik_process_f2p_cookie_inner Reason: PSL Drop: ADVP" </EM>messages for port 51821.&nbsp; To get it running I had&nbsp; added a dedicate Service for the&nbsp;WireGuard&nbsp; UDP ports 51821, 8000 and&nbsp; 8055 with the <EM>Protocol Type</EM> None and put them in a allow rule.</P><P>Thomas</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 08 Dec 2023 09:51:50 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/connection-Issue-running-a-Quantum-SASE-client-Perimeter81/m-p/200042#M933 Thomas_Hesse 2023-12-08T09:51:50Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/connection-Issue-running-a-Quantum-SASE-client-Perimeter81/m-p/200161#M934 <P>Hi, connection with the agent requires several ports to be reachable and not blocked over the network.&nbsp;</P><P>The list of required ports and destinations are listed at:&nbsp;<A href="https://support.perimeter81.com/docs/can-t-connect-perimeter-s-internet-connection-troubleshooting-guide" target="_blank">https://support.perimeter81.com/docs/can-t-connect-perimeter-s-internet-connection-troubleshooting-guide</A>.</P><P>&nbsp;</P><P>Guy</P> Mon, 11 Dec 2023 08:18:41 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/connection-Issue-running-a-Quantum-SASE-client-Perimeter81/m-p/200161#M934 GuyA 2023-12-11T08:18:41Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/connection-Issue-running-a-Quantum-SASE-client-Perimeter81/m-p/205312#M935 <P>I also had issues. Traffic on port 51821 was being dropped with the following error: "Violated Unidirectional Connection".</P> <P>I was able to make it work after creating services for ports&nbsp;51821, 8000, 8055 and creating a rule explicitly allowing the service group instead of using a rule with service=any.</P> Wed, 07 Feb 2024 13:40:54 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/connection-Issue-running-a-Quantum-SASE-client-Perimeter81/m-p/205312#M935 Pedro_Espindola 2024-02-07T13:40:54Z