- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- AZURE NAT Issues 22 & 25
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
AZURE NAT Issues 22 & 25
It seems like we are constantly encountering significant issues with the gateways installed in Azure as opposed to on-premise. We are running R80.40 and in this case single gateways in different Azure regions. We spent over 20 hours on the Phone with Checkpoint and they cannot figure out the issue so I am asking if anybody has this working. We are able to NAT inbound traffic from either a direct checkpoint interface or Azure LB from other ports, but Checkpoint cannot get the appliances to NAT and pass incoming traffic on Port 22. The traffic just goes to the firewall and dies instead of NAT and Forward. The same condition applies for outbound traffic on Port 25. The traffic does not make it to the outside using the Hide Behind NAT.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Keep in mind the gateway has an SSH daemon on it, which might thwart any attempts at port forwarding on that port.
Depending on the configuration/blades active, the same can be said for port 25 as MTA can be active.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Parauser
Do you have an SR number we can follow-up on?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you but this has already been escalated. I have long suspected what PhoneBoy is hinting, but it has not been confirmed. This would be a pretty big problem since ultimately we have to send out some traffic on port 25 to accept 22. For the time being we have routed this traffic away from our Checkpoint firewall in Azure and had to stand up a temporary Azure Firewall. Debugs were taken over a week ago but we have yet to hear from anyone on it. Does anybody have a working outgoing hide behind NAT on port 25 or an incoming on port 22 ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ariel is one of the R&D folks responsible for the product and should reach out privately to understand what's going on.