HTTPS Inspection Bypass - Check Point Capsule Connect
Hello,
We use the Check Point Capsule Connect client (Cloud Firewall) with HTTPS Inspection enabled and wanted to call the URL https://www.xing.com. However, when the cloud client is connected, we can't call this URL. We only get the notification that the site is not available. When we disconnect the cloud client, we can call this URL without any problem.
So we tried to bypass this site from the HTTPS inspection (*.xing.com in the cloud portal); however, this also doesn't work. So we tried to analyse the traffic with "Fiddler", and there we see that the HTTPS handshake to www.xing.com failed because the stream was closed.
It seems that the HTTPS bypass does not really work. Does anybody know how we can bypass the traffic to xing?
Best regards
I suspect (without having done the troubleshooting) that there is an incompatibility with TLS ciphers between this site and what is supported by the Capsule Cloud infrastructure.
In this case, the only way a bypass would work is if you bypass the site by IP address.
Thanks for the answer. I will open a Check Point case.
Not sure if you solved the issue already, but for others who may come across the same problem: Check Point Capsule Connect doesn't support IP addresses in HTTPS inspection bypass rules. The quickest way to solve this is to exclude the IP / URL from the web management interface (cloud.checkpoint.com).