cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Brander
Ivory

NEW-RADIUS traffic drop

Dear all,

First of all - I am no checkpoint guru so there could be something elementary that I've missed. But, I'm configuring EAP-TLS communication between my WLC (Cisco) & RADIUS (NPS in DMZ). Please note the object is referencing the DMZ IP-address. I've created a rule for NEW-RADIUS traffic between the two objects to accept traffic, but I can still see drops. 

1. From the Smartconsole in the 'Logs & Monitor' section I notice that the drop is missing a reference to a specific rule. 

2. When I enabled ICMP echo-request the behaviour was the same, dropped traffic without a reference to a access rule. 

 

If you have any tips, suggestions or if you need additional information - please let me know 🙂

I'll await your kind reply,

TB

0 Kudos
3 Replies
Admin
Admin

Re: NEW-RADIUS traffic drop

Double-clicking the relevant log entry and looking at further details may explain why it's being dropped.
0 Kudos
Brander
Ivory

Re: NEW-RADIUS traffic drop

Dear PhoneBoy,
Is there something special I should keep an eye out for? 

I guess something weird is the 'Message information': Address spoofing.

 

The source and destination is two different subnets, without a specific route enabled. Is this a requirement? 

 

0 Kudos
Admin
Admin

Re: NEW-RADIUS traffic drop

It should also be logged against Rule 0, which is an implied rule.
Anti-spoofing is exactly why the traffic is being dropped, and you need to fix that.
This may mean adding routes, changing the gateway object configuration, or both.
https://community.checkpoint.com/t5/General-Topics/A-Primer-on-Anti-Spoofing/m-p/23042
0 Kudos