Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

Custom ports access not working after doing R80.10 upgrade

 All,

 Recently we upgraded the firewall and management to R80 .10 , all services and vpn came up but we faced issues in site to site vpn . Multiple custom port applications and voip phones were not working through site to site vpn .

HO is the checkpoint and the remote site is cyberroam , we were able to telnet the port but could not able to access the application with custom ports. we created the custom port and tried, also checked the match for any other  option as well but didn't work. 

when we reverted it back to R77.30 everything works. 

Any thoughts or inputs will be much appreciated. 

Tags (1)
0 Kudos
4 Replies
Highlighted
Admin
Admin

Did you downgrade both back to R77.30?

Also some samples of the rules in question may be helpful.

Are you using App Control as well?

Also did you open a TAC case on this?

0 Kudos
Highlighted
Contributor

Did you downgrade both back to R77.30?p- yes we downgraded both boxes to R77.30

Also some samples of the rules in question may be helpful.

In R77.30 The working rule is

Source:Local Vpn domain network

destination :Remote vpn domain network

service :any

community :specific site to to vpn community

In R80.10 – we tried to create a specific rule with custom port on site to site vpn policy\

The custom ports are 8080,1521.avaya ports

Are you using App Control as well?- No

Also did you open a TAC case on this?- yes we opened a critical case but unfortunately TAC worked for 8 hrs and said that it was not an issue with the checkpoint .TAC mentioned that remote site (firewall cyberroam)have issues. But later when we reverted back everything worked .

.

0 Kudos
Highlighted
Admin
Admin

Please send me the SR in a PM.

Did you try it with service "any" in R80.10 as you had it in R77.30?

Did you try it with custom ports in R77.30?

0 Kudos
Highlighted
Explorer

Hi Thomas,

did you solve your issue? I'm asking because I'm having a similar issue after upgrade the SmartCenter from R77.30 to R80.30 by one of my customers.  My customer is using VoIP from Avaya and the communication to the Avaya call manager is running thougth a vpn tunnel. Reverting back to the old R77.30 SmartCenters solves the issues with VoIP.

Thanks!

Mario

0 Kudos